CVE-2013-0253
published 2013-04-09CVE-2013-0253: The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers…
medium5.8CVSS 3.1
AVNACMAuNCPIPAN
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | maven | — | — |
| jenkins | maven | >= 0 < 3.0.5-1 | 3.0.5-1 |
CVSS provenance
nvd5.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:N
osv5.8MEDIUM