Vulnerability Details : CVE-2020-13955
HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters. The method itself is in a utility class so people may use it to create vulnerable HTTPS connections for other applications. From Apache Calcite 1.26 onwards, the hostname verification will be performed using the default JVM truststore.
Products affected by CVE-2020-13955
- cpe:2.3:a:apache:calcite:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-13955
0.86%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-13955
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST | |
|
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.2
|
3.6
|
NIST |
CWE ids for CVE-2020-13955
-
The product does not validate, or incorrectly validates, a certificate.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-13955
-
https://lists.apache.org/thread.html/r0b0fbe2038388175951ce1028182d980f9e9a7328be13d52dab70bb3%40%3Cdev.calcite.apache.org%3E
[CVE-2020-13955] Apache Calcite Disabled HTTPS Hostname Verification - Pony MailMailing List;Third Party Advisory
Jump to