CVE-2016-10027 in Smackजानकारी

सारांश

द्वारा MITRE

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

आरक्षित करना

22/12/2016

प्रकटीकरण

12/01/2017

प्रविष्टि

VDB-95211

EPSS

0.01519

गतिविधियाँ

बहुत कम

स्रोत

Do you need the next level of professionalism?

Upgrade your account now!