[Bug 1831139] CVE-2020-9488 log4j: improper validation of certificate with host mismatch in SMTP appender

Author:



Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Reference:

Created log4j tracking bugs for this issue: Affects:….



Source link

Write a comment:
*

Your email address will not be published.

RELATED STORIES
vamtam-theme-circle-post
Category Linux VulnerabilitiesAll VulnerabilitiesLinux VulnerabilitiesOS

SciLinux: SLSA-2020-2334-1 Important: freerdp on SL7.x x86_64>

June 1, 2020
freerdp: Out-of-bounds write in planar.c (CVE-2020-11521) * freerdp: Integer overflow in region.c (CVE-2020-11523) * freerdp:...
Tags , , , , , , , , , , ,
Read More
Category APPLE VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesApplications

OODA Loop – Researcher lands $100,000 reward for ‘Sign in with Apple’ authentication bypass bug

June 1, 2020
HackerNews reported that Bhavuk Jain, a bug bounty hunter, has received $100,000 from Apple for...
Tags , , , , , , , , , ,
Read More
Category APPLE CERT-LatestNews VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesVMWare

CVE-2020-3958 VMware ESXi、VMware Workstation和VMware Fusion 安全漏洞 -漏洞情报、漏洞详情、安全漏洞、CVE

June 1, 2020
来源:CONFIRM 链接:https://www.vmware.com/security/advisories/VMSA-2020-0011.html 来源:nvd.nist.gov 链接:https://nvd.nist.gov/vuln/detail/CVE-2020-3958 来源:vigilance.fr 链接:https://vigilance.fr/vulnerability/VMware-ESXi-Workstation-two-vulnerabilities-32360 Source link
Tags , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Read More
Category APPLE VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesVMWare

CVE-2020-3957 VMware Fusion、VMware Remote Console和VMware Horizo??n Client 竞争条件问题漏洞 -漏洞情报、漏洞详情、安全漏洞、CVE

June 1, 2020
|漏洞详情 VMware Fusion等都是美国威睿(VMware)公司的产品。VMware Fusion是一套专用于在苹果机(Mac)上运行Windows应用程序的的虚拟机软件。VMware Remote Console是一款远程控制台应用程序。VMware Horizo??n Client是一款用于连接VMware Horizo??n虚拟桌面的客户端应用程序。 VMware Fusion 11.5.5之前的11.x版本、VMware Remote Console 11.x及之前版本(Mac)和VMware...
Tags , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Read More
vamtam-theme-circle-post
Category Applications VulnerabilitiesAll VulnerabilitiesApplications

CVE-2020-4016 – Alert Detail – Security Database

June 1, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Tags , , , , , , , , , , , , , , , ,
Read More
vamtam-theme-circle-post
Category Applications VulnerabilitiesAll VulnerabilitiesApplications

CVE-2020-4015 – Alert Detail – Security Database

June 1, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Tags , , , , , , , , , , , , , , , ,
Read More
vamtam-theme-circle-post
Category Applications VulnerabilitiesAll VulnerabilitiesApplications

CVE-2020-4013 – Alert Detail – Security Database

June 1, 2020
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...
Tags , , , , , , , , , , , , , , , ,
Read More
vamtam-theme-circle-post
Category APTFilter CERT-LatestNews Malware Microsoft ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesDBMS VulnerabilitiesHardware VulnerabilitiesMicrosoft VulnerabilitiesOS

Cybersécurité :Trois décennies de vulnérabilités

June 1, 2020
Les tendances de la cybercriminalité sont en constante évolution. Au cours des 30 années qui...
Tags , , , ,
Read More
Category APPLE VulnerabilitiesAll VulnerabilitiesApple

Early Warning

June 1, 2020
Proto: N010620. Con la presente Yoroi desidera informarla riguardo alla recente scoperta di vulnerabilità all’interno...
Tags , ,
Read More
Category Applications CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications

Multiple vulnerabilities in JerryScript

June 1, 2020
Severity Medium Patch available NO Number of vulnerabilities 3 CVE ID CVE-2020-13649CVE-2020-13623CVE-2020-13622 CWE ID CWE-476CWE-400CWE-617...
Tags , , , , ,
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact