SymmetricalDataSecurity: Security Bulletin: CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name

Tuesday, August 4, 2020

Security Bulletin: CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name

Aug 4, 2020 8:01 pm EDT

Share this post:

CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name

Affected product(s) and affected version(s):

Affected Product(s)	Version(s)
UCD – IBM UrbanCode Deploy	6.2.7.4
UCD – IBM UrbanCode Deploy	6.2.7.3
UCD – IBM UrbanCode Deploy	7.0.4.0
UCD – IBM UrbanCode Deploy	7.0.3.0
UCD – IBM UrbanCode Deploy	All

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6256120

from IBM Product Security Incident Response Team https://ift.tt/3fug7k3

SymmetricalDataSecurity

Tuesday, August 4, 2020

Security Bulletin: CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews