Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity.
CVSS Information
N/A
Vulnerability Type
证书验证不恰当
Vulnerability Title
Apache httpd 信任管理问题漏洞
Vulnerability Description
Apache httpd是美国阿帕奇(Apache)基金会的一款专为现代操作系统开发和维护的开源HTTP服务器。 httpd存在信任管理问题漏洞,该漏洞源于当后端密钥存储库文件的ID未知时,允许通过SSL连接到后端工作程序。
CVSS Information
N/A
Vulnerability Type
N/A