Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:7658
HistoryOct 30, 2018 - 7:17 a.m.

Man-in-the-Middle (MitM)

2018-10-3007:17:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

EPSS

0.002

Percentile

60.1%

smack is vulnerable to man-in-the-middle. A lack of verification of the basicConstraints and nameConstraints in the ServerTrustManager component for the X.509 certificate chains from the SSL server would allow attackers to spoof a server and perform MITM attacks via a crafted certificate chain to obtain confidential information.