vulnerability

CentOS Linux: CVE-2019-3890: Moderate: evolution security and bug fix update (Multiple Advisories)

Try Surface Command
Back to search
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Aug 1, 2019
Added
Nov 6, 2019
Modified
May 25, 2023

Description

It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference.

Solutions

centos-upgrade-evolutioncentos-upgrade-evolution-bogofiltercentos-upgrade-evolution-bogofilter-debuginfocentos-upgrade-evolution-data-servercentos-upgrade-evolution-data-server-debuginfocentos-upgrade-evolution-data-server-debugsourcecentos-upgrade-evolution-data-server-develcentos-upgrade-evolution-data-server-doccentos-upgrade-evolution-data-server-langpackscentos-upgrade-evolution-data-server-perlcentos-upgrade-evolution-data-server-testscentos-upgrade-evolution-data-server-tests-debuginfocentos-upgrade-evolution-debuginfocentos-upgrade-evolution-debugsourcecentos-upgrade-evolution-develcentos-upgrade-evolution-devel-docscentos-upgrade-evolution-ewscentos-upgrade-evolution-ews-debuginfocentos-upgrade-evolution-ews-debugsourcecentos-upgrade-evolution-ews-langpackscentos-upgrade-evolution-helpcentos-upgrade-evolution-langpackscentos-upgrade-evolution-pstcentos-upgrade-evolution-pst-debuginfocentos-upgrade-evolution-spamassassincentos-upgrade-evolution-spamassassin-debuginfo

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today