CVE-2020-17514

Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful.
Configurations

Configuration 1

cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*

Information

Published : 2021-05-27 12:15

Updated : 2021-06-07 06:05


NVD link : CVE-2020-17514

Mitre link : CVE-2020-17514

Products Affected
No products.