PT-2014-3448 · Red Hat+1 · Red Hat Enterprise Linux Openstack Platform+2
Published
2014-06-02
·
Updated
2023-02-13
·
CVE-2014-0041
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
OpenStack Heat Templates (heat-templates) as used in Red Hat Enterprise Linux OpenStack Platform version 4.0
Description
The issue allows man-in-the-middle attackers to prevent updates via unspecified vectors by disabling SSL protection for certain Yum repositories.
Recommendations
For Red Hat Enterprise Linux OpenStack Platform version 4.0, consider enabling SSL verification for Yum repositories to prevent man-in-the-middle attacks.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openstack Heat Templates
Red Hat Enterprise Linux Openstack Platform
Yum