Medium severity5.9OSV Advisory· Published Feb 20, 2018· Updated Jun 17, 2026
CVE-2017-17455
CVE-2017-17455
Description
Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17.10.2 are vulnerable to being forced, via a man-in-the-middle attack, to interact with Mahara on the HTTP protocol rather than HTTPS even when an SSL certificate is present.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
216.10.0_RELEASE, 16.10.1_RELEASE, 16.10.2_RELEASE, …+ 1 more
- (no CPE)range: 16.10.0_RELEASE, 16.10.1_RELEASE, 16.10.2_RELEASE, …
- (no CPE)range: <16.10.7, <17.04.5, <17.10.2
Patches
Vulnerability mechanics
References
3- bugs.launchpad.net/mahara/+bug/1734767nvdThird Party Advisory
- mahara.org/interaction/forum/topic.phpnvdVendor Advisory
- reviews.mahara.orgnvdVendor Advisory
News mentions
0No linked articles in our index yet.