NVD

Id
17576  
Name
CVE-2016-1115  
Description
Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate.  
Reject
 
CVSS Version
2  
CVSS Score
5.8  
Severity
Medium  
CVSS Base Score
5.8  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-05-10  
Modified Date
2016-11-30  
Seq
2016-1115  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
97056 17576 CVE-2016-1115 90514  View
97057 17576 CVE-2016-1115 1035829  View
97058 17576 CVE-2016-1115 https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
1932 JVNDB-2016-002705 Adobe ColdFusion におけるサーバになりすまされる脆弱性 Adobe ColdFusion は、X.509 証明書の名前フィールドのワイルドカードを誤って処理するため、サーバになりすまされる脆弱性が存在します。 CVE-2016-1115 87621 CVE-2016-1115 17576 5.8 4.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-002705.html 2016-05-10 2016-05-17 View