CVE-2023-4586

Summary

A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack.

Affected Software

VendorProductVersion RangeStatus

Weaknesses

  • CWE-20: Improper Input Validation

Workarounds

No current mitigation is yet available for this vulnerability

ADP Enrichment

CVE Program Container

Additional References

References