CVE-2023-49250
Published Feb 20, 2024
Last updated 9 months ago
Overview
- Description
- Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle (MITM) attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: before 3.2.0. Users are recommended to upgrade to version 3.2.1, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Awaiting Analysis
Weaknesses
- security@apache.org
- CWE-295
Social media
- Hype score
- Not currently trending