Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 12:38 p.m.10 views

CVE-2023-49250

Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...

7.3CVSS6.6AI score0.00704EPSS
Exploits0References5
NVD
NVD
added 2024/02/20 10:15 a.m.18 views

CVE-2023-49250

Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...

7.3CVSS6.4AI score0.00704EPSS
Exploits0References3
OSV
OSV
added 2024/02/20 10:0 a.m.25 views

CVE-2023-49250 Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil

Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...

7.3CVSS7AI score0.00704EPSS
Exploits0References6
CVE
CVE
added 2024/02/20 10:0 a.m.6876 views

CVE-2023-49250

CVE-2023-49250 affects Apache DolphinScheduler prior to 3.2.0, where the HttpUtils class fails to verify TLS certificates. This allows an attacker in a MITM position on outgoing HTTPS connections to impersonate the server, potentially impacting confidentiality, integrity, and availability of the ...

7.3CVSS7.1AI score0.00704EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/20 10:0 a.m.14 views

CVE-2023-49250 Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil

Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...

6.7AI score0.00704EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/20 10:0 a.m.21 views

CVE-2023-49250 Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil

Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle MITM attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which...

6.7AI score0.00704EPSS
Exploits0References3
Rows per page
Query Builder