Security Advisory

CVE-2020-9488

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-27 15:36:10

Last updated 2024-08-04 10:26:16

Assigner apache

State PUBLISHED

Description

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1

← Browse all CVEs View on cve.org ↗