Lucene search
K

5 matches found

Veracode
Veracode
added 2020/10/02 1:27 a.m.19 views

Insecure Encryption Standards

nifi-socket-utils uses insecure encryption standards. The weakness arises as it continued to allow support of TLS v1.0 and v1.1, when the NiFi UI, API, as well as listening for connections established by processors like ListenHTTP, HandleHttpRequest were protected by mandating TLS v1.2...

7.5CVSS1.5AI score0.02871EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2020/10/01 8:15 p.m.33 views

CVE-2020-9491

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

7.5CVSS6.9AI score0.02871EPSS
Exploits0References3
CVE
CVE
added 2020/10/01 7:57 p.m.89 views

CVE-2020-9491

CVE-2020-9491 affects Apache NiFi ranges 1.2.0–1.11.4, where the UI/API enforce TLS v1.2 but intracluster communications (cluster request replication, Site-to-Site, load-balanced queues) allowed TLS v1.0/v1.1. The provided connected documents reiterate this scope, identifying the vulnerable compo...

7.5CVSS7.5AI score0.02871EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.117 views

ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...

4.3CVSS0.1AI score0.73327EPSS
Exploits4
securityvulns
securityvulns
added 2012/10/29 12:0 a.m.112 views

ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks

ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...

4.3CVSS0.1AI score0.73327EPSS
Exploits4
Rows per page
Query Builder