2 matches found
Improper Certificate Validation
org.apache.dolphinscheduler: dolphinscheduler-common is vulnerable to Improper Certificate Validation. The vulnerability is due to a lack of certificate verification in the HttpUtils class. This allows an attacker to perform a Man-in-the-Middle MITM attack by impersonating the server...
CVE-2020-17473
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.020190723 allows an attacker to obtain a long-lasting token by impersonating the server...