VDB

RHSA-2015%3A1551

RHSA-2015%3A1551 PUBLISHED CVSS 5.800000190734863 MEDIUM

It was found that async-http-client would disable SSL/TLS certificate verification under certain conditions, for example if HTTPS communication also used client certificates. A man-in-the-middle (MITM) attacker could use this flaw to spoof a valid certificate.

Risk Scores

CVSS 2.0
5.800000190734863

Affected Products

VendorProductVersions
Red HatRed Hat JBoss Fuse Service Works 6.0

Timeline

  • Aug 5, 2015 CVE Published
  • Jan 28, 2026 CVE Updated
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Distribution Patch
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
  • Apr 30, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›