We found results for “”
CVE-2019-10240
Good to know:
Date: April 3, 2019
Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.
Language: Java
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | MEDIUM |
Authentication (AU): | NONE |
Confidentiality (C): | PARTIAL |
Integrity (I): | PARTIAL |
Availability (A): | PARTIAL |
Additional information: |