Security Advisory

CVE-2020-17514

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-27 12:10:10

Last updated 2024-08-04 14:00:48

Assigner apache

State PUBLISHED

Description

Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful.

← Browse all CVEs View on cve.org ↗