Published: 09/10/2020 Updated: 21/07/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters. The method itself is in a utility class so people may use it to create vulnerable HTTPS connections for other applications. From Apache Calcite 1.26 onwards, the hostname verification will be performed using the default JVM truststore.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache calcite

Control Flow Hijack Exploit for CVE-2020-13995 Build it: make Run it: make run Mayhem it: docker tag extract75-cve-2020-13955 <your name>/extract75-cve-2020-13955 docker push <your name>/extract75-cve-2020-13955 mayhem run --image <your name>/extract75-cve-2

Jiangmin

CVE-2020-13955 Experimental environment: win7 x32 Software official website:wwwjiangmincom/ Software download address:wwwjiangmincom/PC/207html Software version：16013129 Affected Component: KVFGSYS problematic IOCTL: 0x00220440

CWE-295 https://lists.apache.org/thread.html/r0b0fbe2038388175951ce1028182d980f9e9a7328be13d52dab70bb3%40%3Cdev.calcite.apache.org%3E https://nvd.nist.gov https://github.com/dbrumley/extract75-cve-2020-13995 https://github.com/intrigus-lgtm/CVE-2020-14955

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-13955

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect