Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-14387
HistoryMay 27, 2021 - 12:00 a.m.

CVE-2020-14387

2021-05-2700:00:00
ubuntu.com
ubuntu.com
11

0.002 Low

EPSS

Percentile

52.6%

A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly
validates certificate with host mismatch vulnerability. A remote,
unauthenticated attacker could exploit the flaw by performing a
man-in-the-middle attack using a valid certificate for another hostname
which could compromise confidentiality and integrity of data transmitted
using rsync-ssl. The highest threat from this vulnerability is to data
confidentiality and integrity. This flaw affects rsync versions before
3.2.4.

Bugs