VYPR
Medium severity5.9OSV Advisory· Published Feb 20, 2018· Updated Jun 17, 2026

CVE-2017-17455

CVE-2017-17455

Description

Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17.10.2 are vulnerable to being forced, via a man-in-the-middle attack, to interact with Mahara on the HTTP protocol rather than HTTPS even when an SSL certificate is present.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • 16.10.0_RELEASE, 16.10.1_RELEASE, 16.10.2_RELEASE, …+ 1 more
    • (no CPE)range: 16.10.0_RELEASE, 16.10.1_RELEASE, 16.10.2_RELEASE, …
    • (no CPE)range: <16.10.7, <17.04.5, <17.10.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.