Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

vulnersOsv
vulnersOsvadded 2022/05/14 3:47 a.m.3 views

com.yubico.java:yubico-validation-client (=2.0RC3), com.yubico:yubico-jaas-module (>=2.0.1 <=3.1.0) +4 more potentially affected by CVE-2014-3607 via edu.vt.middleware:vt-ldap (>=3.3.2 <=3.3.5)

edu.vt.middleware:vt-ldap MAVEN version =3.3.2, =2.0.1, =2.0.0, =2.2.0, =2.0.0, =2.3.0 Source cves: CVE-2014-3607 Source advisory: OSV:GHSA-273V-G3X4-R3RC...

5.9CVSS6.2AI score0.00867EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletinsadded 2020/12/15 5:4 p.m.19 views

Security Bulletin: Ldaptive as used in IBM QRadar SIEM is vulnerable to spoofing (CVE-2014-3607)

Summary Ldaptive as used in IBM QRadar SIEM is vulnerable to spoofing Vulnerability Details CVEID: CVE-2014-3607 DESCRIPTION: Ldaptive could allow a remote attacker to conduct spoofing attack in DefaultHostnameVerifier, caused by the failure to properly verify that the server hostname matches a...

5.9CVSS0.9AI score0.00867EPSS
Exploits0Affected Software1
NVD
NVDadded 2018/01/08 7:29 p.m.16 views

CVE-2014-3607

DefaultHostnameVerifier in Ldaptive formerly vt-ldap does not properly verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

5.9CVSS5.5AI score0.00867EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2018/01/08 7:29 p.m.19 views

CVE-2014-3607

DefaultHostnameVerifier in Ldaptive formerly vt-ldap does not properly verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

5.9CVSS6.3AI score0.00867EPSS
Exploits0References2
OSV
OSVadded 2018/01/08 7:29 p.m.3 views

CVE-2014-3607

DefaultHostnameVerifier in Ldaptive formerly vt-ldap does not properly verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

5.9CVSS5.6AI score
Exploits0References7
CVE
CVEadded 2018/01/08 7:0 p.m.55 views

CVE-2014-3607

CVE-2014-3607 affects Ldaptive (formerly vt-ldap) and its DefaultHostnameVerifier, which fails to ensure the server hostname matches a domain name in the X.509 certificate’s CN. This allows remote attackers to perform a MITM spoofing attack by using an arbitrary valid certificate. The issue is ob...

5.9CVSS5.5AI score0.00867EPSS
Exploits0References5Affected Software2
Cvelist
Cvelistadded 2018/01/08 7:0 p.m.14 views

CVE-2014-3607

DefaultHostnameVerifier in Ldaptive formerly vt-ldap does not properly verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

5.5AI score0.00867EPSS
Exploits0References5
Rows per page
Query Builder