CVE-2015-1843MEDIUMCVSS 4.3≤ 1.5.0-272015-04-06
CVE-2015-1843 [MEDIUM] CVE-2015-1843: The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP
The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. NOTE: t
nvd