5.9

CVSS Score

3.0

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-1000209

CVE-2017-1000209: nv-websocket-client allows attackers to spoof SSL/TLS servers via an arbitrary valid certificate

The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS servers via an arbitrary valid certificate.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2017-1000209

CVE-2017-1000209:

5.9

CVSS Score

3.0

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
com.neovisionaries:nv-websocket-client	maven	< 2.1	2.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability fundamentally occurs in two key areas:

Socket creation (WebSocketFactory.createSocket) where SSL context is established without hostname validation
Hostname verification logic (HostnameVerifier.verify) that was missing CN/subjectAltName checks

These functions would appear in stack traces during SSL handshake and certificate validation phases when an attacker presents a mismatched certificate. The high confidence comes from the CVE's explicit description of missing hostname verification - a security control that would be implemented precisely in these SSL/TLS-handling functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.9

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2017-1000209: nv-websocket-client allows attackers to spoof SSL/TLS servers via an arbitrary valid certificate

CVE-2017-1000209:

5.9

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2017-1000209: nv-websocket-client allows attackers to spoof SSL/TLS servers via an arbitrary valid certificate

5.9

5.9

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI