CVE-2013-0253

Published: 09/04/2013 Updated: 07/11/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Summary

The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote malicious users to spoof servers via a man-in-the-middle (MITM) attack.

Vulnerable Product

apache maven 3.0.4

Vendor Advisories

Synopsis: Moderate: jenkins security update. Type/Severity: Security Advisory: Moderate. Topic: An updated jenkins package that fixes one security issue is now available for Red Hat OpenShift Enterprise 113. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vuln ...
Debian Bug report logs - #701991 maven3: CVE-2013-0253. Package: src:wagon2; Maintainer for src:wagon2 is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <jmm@inutil.org>; Date: Fri, 1 Mar 2013 11:15:05 UTC; Severity: grave; Tags: patch, security; Fixed in version ...