CVE-2022-33681

Severity: 5.9 MEDIUM
EPSS: 0.1% (top 75.04%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Sep 23
Latest update: Sep 25

Description

Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy makes each client vulnerable to a man-in-the-middle attack. Connections from the Pulsar Java Client to the Pulsar Broker/Proxy and connections from the Pulsar Proxy to the Pulsar Broker are vulnerable. Authentication data is sent before verifying that the server’s TLS certificate matches the hostname, which means authentication data could be exposed to an attacker. An attacker can only take advantage of this vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.2 | Impact: 3.6

Affected Packages (3 packages)

Maven: org.apache.pulsar:pulsar-client, 2.8.0, 2.8.4, +3
NVD: apache/pulsar, 2.8.0, 2.8.4, +3
CVEListV5: apache_software_foundation/apache_pulsar, 2.7, 2.7.4, +4

Vulnerability Details (3)

OSV: Apache Pulsar Java Client vulnerable to Improper Certificate Validation (2022-09-25)
GHSA: Apache Pulsar Java Client vulnerable to Improper Certificate Validation (2022-09-25)
CVEList: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (2022-09-23)

Vendor Advisories (1)

Red Hat: Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (2022-09-22)