Configuration

CVE-2013-0253

Medium

5.8/10

Summary

The default configuration of Apache Maven 3.0.4, when using Maven Wagon prior to 2.4, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: NONE

CWE-16 - Configuration

Weaknesses in this category are typically introduced during the configuration of the software.

References

Issue
Issue
Advisory

Advisory Timeline

Published Apr 09, 2013

Configuration

CVE-2013-0253

Summary

CWE-16 - Configuration

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS