How severe is CVE-2014-8164?

CVE-2014-8164 has a CVSS v3 score of 9.1 (CRITICAL).

CVE-2014-8164

Name: cloudforms_management_engine
Author: redhat

9.1CRITICAL

A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.

Опубликовано: 7/6/2022Обновлено: 11/21/2024

Описание

A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.

ИИ-АнализНа базе ИИ

Затронутые продукты

redhatcloudforms_management_engine

5.0

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1151208
Issue TrackingMitigationThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1151208
Issue TrackingMitigationThird Party Advisory