Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
445
VMScore

CVE-2019-0231

Published: 01/10/2019 Updated: 08/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Mina

Vulnerability Summary

Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.0.21, 2.1.0 users should migrate to 2.1.1. This issue affects: Apache MINA.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apache mina 2.1.1

apache mina 2.0.20

Vendor Advisories

Red Hat: Important: Red Hat Decision Manager 7.7.0 Security Update
Synopsis Important: Red Hat Decision Manager 770 Security Update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat Decision ManagerRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) bas ...
Red Hat: Moderate: Red Hat Process Automation Manager 7.7.0 Security Update
Synopsis Moderate: Red Hat Process Automation Manager 770 Security Update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat Process Automation ManagerRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring ...
Red Hat: Important: Satellite 6.7 release.
Synopsis Important: Satellite 67 release Type/Severity Security Advisory: Important Topic An update is now available for Red Hat Satellite 67 for RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which ...
Red Hat: Important: Red Hat Fuse 7.7.0 release and security update
Synopsis Important: Red Hat Fuse 770 release and security update Type/Severity Security Advisory: Important Topic A minor version update (from 76 to 77) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Produc ...
Hitachi Security Advisories: Vulnerability in Cosminexus Service Coordinator
A vulnerability (CVE-2019-0231) exists in Cosminexus Service Coordinator Affected products and versions are listed below Please upgrade your version to the appropriate version ...

Mailing Lists

Full Disclosure: Re: [CVE-2019-0231] MINA SSLFilter security Issue
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: [CVE-2019-0231] MINA SSLFilter security Issue <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Doran Moppert & ...

References

CWE-319http://mina.apache.org/mina-project/index.html#mina-211-mina-2021-released-posted-on-april-14-2019https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2020:0899https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2020-126/index.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook