← Back

Couchbase Server Java Sdk

couchbase_server_java_sdk

Vendor: Couchbase • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-9040
1Couchbase
1Couchbase Server Java Sdk
Nov 21, 2024
Jun 8, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker to forge an SSL certificate and pose as the intended peer. An attacker can leverage this flaw by crafting a cryptographically valid certificate that wi...Show more
Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker to forge an SSL certificate and pose as the intended peer. An attacker can leverage this flaw by crafting a cryptographically valid certificate that will be accepted by Java SDK's Netty component due to missing hostname verification.Show less