6 matches found
CVE-2023-49250
Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...
CVE-2023-49250
Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...
CVE-2023-49250 Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil
Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...
CVE-2023-49250
CVE-2023-49250 affects Apache DolphinScheduler prior to 3.2.0, where the HttpUtils class fails to verify TLS certificates. This allows an attacker in a MITM position on outgoing HTTPS connections to impersonate the server, potentially impacting confidentiality, integrity, and availability of the ...
CVE-2023-49250 Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil
Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...
CVE-2023-49250 Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil
Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...