CWE-296
Improper Following of a Certificate's Chain of Trust
The product does not follow, or incorrectly follows, the chain of trust for a certificate back to a trusted root certificate, resulting in incorrect trust of any resource that is associated with that certificate.
CVE-2019-3762 (GCVE-0-2019-3762)
Vulnerability from cvelistv5
Published
2020-03-18 18:20
Modified
2024-09-16 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Summary
Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dell | Data Protection Central |
Version: 1.0, 1.0.1, 18.1, 18.2, 19.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dell.com/support/security/en-us/details/537007/DSA-2019-135-Dell-EMC-Data-Protection-Central-Improper-Chain-of-Trust-Vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Data Protection Central",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "1.0, 1.0.1, 18.1, 18.2, 19.1"
}
]
}
],
"datePublic": "2019-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-18T18:20:16",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dell.com/support/security/en-us/details/537007/DSA-2019-135-Dell-EMC-Data-Protection-Central-Improper-Chain-of-Trust-Vulnerability"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"DATE_PUBLIC": "2019-09-04",
"ID": "CVE-2019-3762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Data Protection Central",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0, 1.0.1, 18.1, 18.2, 19.1"
}
]
}
}
]
},
"vendor_name": "Dell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid system to compromise the integrity of data."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.dell.com/support/security/en-us/details/537007/DSA-2019-135-Dell-EMC-Data-Protection-Central-Improper-Chain-of-Trust-Vulnerability",
"refsource": "MISC",
"url": "https://www.dell.com/support/security/en-us/details/537007/DSA-2019-135-Dell-EMC-Data-Protection-Central-Improper-Chain-of-Trust-Vulnerability"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2019-3762",
"datePublished": "2020-03-18T18:20:16.283199Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T23:15:44.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3890 (GCVE-0-2019-3890)
Vulnerability from cvelistv5
Published
2019-08-01 13:22
Modified
2024-08-04 19:19
Severity ?
VLAI Severity ?
EPSS score ?
Summary
It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Gnome Project | evolution-ews |
Version: 3.31.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/evolution-ews/issues/27"
},
{
"name": "RHSA-2019:3699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3699"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "evolution-ews",
"vendor": "The Gnome Project",
"versions": [
{
"status": "affected",
"version": "3.31.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-06T00:08:31",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://gitlab.gnome.org/GNOME/evolution-ews/issues/27"
},
{
"name": "RHSA-2019:3699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3699"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "evolution-ews",
"version": {
"version_data": [
{
"version_value": "3.31.3"
}
]
}
}
]
},
"vendor_name": "The Gnome Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "8.1/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-296"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3890",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3890"
},
{
"name": "https://gitlab.gnome.org/GNOME/evolution-ews/issues/27",
"refsource": "CONFIRM",
"url": "https://gitlab.gnome.org/GNOME/evolution-ews/issues/27"
},
{
"name": "RHSA-2019:3699",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3699"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-3890",
"datePublished": "2019-08-01T13:22:55",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-08-04T19:19:18.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1566 (GCVE-0-2021-1566)
Vulnerability from cvelistv5
Published
2021-06-16 17:45
Modified
2024-11-07 22:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Web Security Appliance (WSA) |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210616 Cisco\u00a0Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-cert-vali-n8L97RW"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1566",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:43:43.312770Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:08:10.019Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Web Security Appliance (WSA)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-16T17:45:41",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210616 Cisco\u00a0Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-cert-vali-n8L97RW"
}
],
"source": {
"advisory": "cisco-sa-esa-wsa-cert-vali-n8L97RW",
"defect": [
[
"CSCvw08342",
"CSCvw08378"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco\u00a0Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-16T16:00:00",
"ID": "CVE-2021-1566",
"STATE": "PUBLIC",
"TITLE": "Cisco\u00a0Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Web Security Appliance (WSA)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to intercept traffic between an affected device and the AMP servers. This vulnerability is due to improper certificate validation when an affected device establishes TLS connections. A man-in-the-middle attacker could exploit this vulnerability by sending a crafted TLS packet to an affected device. A successful exploit could allow the attacker to spoof a trusted host and then extract sensitive information or alter certain API requests."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-296"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210616 Cisco\u00a0Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-cert-vali-n8L97RW"
}
]
},
"source": {
"advisory": "cisco-sa-esa-wsa-cert-vali-n8L97RW",
"defect": [
[
"CSCvw08342",
"CSCvw08378"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1566",
"datePublished": "2021-06-16T17:45:41.215864Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:08:10.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23155 (GCVE-0-2021-23155)
Vulnerability from cvelistv5
Published
2021-11-18 17:58
Modified
2024-09-17 00:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Summary
Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Client for Android 8.60 versions prior to 8.60.065; version 8.50 and prior versions.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Gallagher | Command Centre Mobile Client for Android |
Version: unspecified < Version: 8.60 < 8.60.065 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23155"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Command Centre Mobile Client for Android",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.50",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.60.065",
"status": "affected",
"version": "8.60",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Client for Android 8.60 versions prior to 8.60.065; version 8.50 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T17:58:23",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23155"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "disclosures@gallagher.com",
"DATE_PUBLIC": "2021-11-15T07:34:00.000Z",
"ID": "CVE-2021-23155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Command Centre Mobile Client for Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.60",
"version_value": "8.60.065"
},
{
"version_affected": "\u003c=",
"version_value": "8.50"
}
]
}
}
]
},
"vendor_name": "Gallagher"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Client for Android 8.60 versions prior to 8.60.065; version 8.50 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.gallagher.com/Security-Advisories/CVE-2021-23155",
"refsource": "MISC",
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23155"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2021-23155",
"datePublished": "2021-11-18T17:58:23.511142Z",
"dateReserved": "2021-01-26T00:00:00",
"dateUpdated": "2024-09-17T00:21:06.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23162 (GCVE-0-2021-23162)
Vulnerability from cvelistv5
Published
2021-11-18 17:59
Modified
2024-09-16 22:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Summary
Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Connect for Android 15 versions prior to 15.04.040; version 14 and prior versions.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Gallagher | Command Centre Mobile Connect for Android |
Version: unspecified < Version: 15 < 15.04.040 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23162"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Command Centre Mobile Connect for Android",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "14",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "15.04.040",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Connect for Android 15 versions prior to 15.04.040; version 14 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T17:59:11",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23162"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "disclosures@gallagher.com",
"DATE_PUBLIC": "2021-11-15T07:34:00.000Z",
"ID": "CVE-2021-23162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Command Centre Mobile Connect for Android",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "15",
"version_value": "15.04.040"
},
{
"version_affected": "\u003c=",
"version_value": "14"
}
]
}
}
]
},
"vendor_name": "Gallagher"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper validation of the cloud certificate chain in Mobile Connect allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Connect for Android 15 versions prior to 15.04.040; version 14 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.gallagher.com/Security-Advisories/CVE-2021-23162",
"refsource": "MISC",
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23162"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2021-23162",
"datePublished": "2021-11-18T17:59:11.849916Z",
"dateReserved": "2021-01-26T00:00:00",
"dateUpdated": "2024-09-16T22:35:10.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-44532 (GCVE-0-2021-44532)
Vulnerability from cvelistv5
Published
2022-02-24 18:27
Modified
2025-04-30 22:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust ()
Summary
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:25:16.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/1429694"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0007/"
},
{
"name": "DSA-5170",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5170"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Node",
"vendor": "NodeJS",
"versions": [
{
"lessThan": "4.*",
"status": "affected",
"version": "4.0",
"versionType": "semver"
},
{
"lessThan": "5.*",
"status": "affected",
"version": "5.0",
"versionType": "semver"
},
{
"lessThan": "6.*",
"status": "affected",
"version": "6.0",
"versionType": "semver"
},
{
"lessThan": "7.*",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "8.*",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "9.*",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThan": "10.*",
"status": "affected",
"version": "10.0",
"versionType": "semver"
},
{
"lessThan": "11.*",
"status": "affected",
"version": "11.0",
"versionType": "semver"
},
{
"lessThan": "12.22.9",
"status": "affected",
"version": "12.0",
"versionType": "semver"
},
{
"lessThan": "13.*",
"status": "affected",
"version": "13.0",
"versionType": "semver"
},
{
"lessThan": "14.18.3",
"status": "affected",
"version": "14.0",
"versionType": "semver"
},
{
"lessThan": "15.*",
"status": "affected",
"version": "15.0",
"versionType": "semver"
},
{
"lessThan": "16.13.2",
"status": "affected",
"version": "16.0",
"versionType": "semver"
},
{
"lessThan": "17.3.1",
"status": "affected",
"version": "17.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Node.js \u003c 12.22.9, \u003c 14.18.3, \u003c 16.13.2, and \u003c 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "Improper Following of a Certificate\u0027s Chain of Trust (CWE-296)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T22:24:39.850Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/1429694"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0007/"
},
{
"name": "DSA-5170",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5170"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-44532",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "https://github.com/nodejs/node",
"version": {
"version_data": [
{
"version_value": "Fixed in 12.22.9, 14.18.3, 16.13.2, 17.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Node.js \u003c 12.22.9, \u003c 14.18.3, \u003c 16.13.2, and \u003c 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Following of a Certificate\u0027s Chain of Trust (CWE-296)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/1429694",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1429694"
},
{
"name": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/",
"refsource": "MISC",
"url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220325-0007/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220325-0007/"
},
{
"name": "DSA-5170",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5170"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-44532",
"datePublished": "2022-02-24T18:27:01",
"dateReserved": "2021-12-02T00:00:00",
"dateUpdated": "2025-04-30T22:24:39.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43196 (GCVE-0-2024-43196)
Vulnerability from cvelistv5
Published
2025-02-20 03:42
Modified
2025-08-15 14:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Summary
IBM OpenPages with Watson 8.3 and 9.0
application could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users' responses.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | OpenPages with Watson |
Version: 8.3, 9.0 cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T16:47:53.134306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T16:48:42.773Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "OpenPages with Watson",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.3, 9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM OpenPages with Watson 8.3 and 9.0\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eapplication could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users\u0027 responses.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "IBM OpenPages with Watson 8.3 and 9.0\u00a0\n\napplication could allow an authenticated user to manipulate data in the Questionnaires application allowing the user to spoof other users\u0027 responses."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-15T14:32:19.795Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7183541"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM OpenPages data manipulation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-43196",
"datePublished": "2025-02-20T03:42:12.195Z",
"dateReserved": "2024-08-07T13:29:48.160Z",
"dateUpdated": "2025-08-15T14:32:19.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1146 (GCVE-0-2025-1146)
Vulnerability from cvelistv5
Published
2025-02-12 18:27
Modified
2025-02-12 19:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Summary
CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack. CrowdStrike identified this issue internally and released a security fix in all Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor versions 7.06 and above.
CrowdStrike identified this issue through our longstanding, rigorous security review process, which has been continually strengthened with deeper source code analysis and ongoing program enhancements as part of our commitment to security resilience. CrowdStrike has no indication of any exploitation of this issue in the wild. CrowdStrike has leveraged its world class threat hunting and intelligence capabilities to actively monitor for signs of abuse or usage of this flaw and will continue to do so.
Windows and Mac sensors are not affected by this.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | CrowdStrike | Falcon sensor for Linux |
Version: 7.20 ≤ Version: 7.19 ≤ Version: 7.18 ≤ Version: 7.17 ≤ Version: 7.16 ≤ Version: 7.15 ≤ Version: 7.14 ≤ Version: 7.13 ≤ Version: 7.11 ≤ Version: 7.10 ≤ Version: 7.07 ≤ Version: 7.06 ≤ |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:40:26.132160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:40:41.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"packageName": "falcon-sensor",
"platforms": [
"Linux"
],
"product": "Falcon sensor for Linux",
"vendor": "CrowdStrike",
"versions": [
{
"status": "unaffected",
"version": "7.21.17405",
"versionType": "semver"
},
{
"lessThan": "7.20.17308",
"status": "affected",
"version": "7.20",
"versionType": "semver"
},
{
"lessThan": "7.19.17221",
"status": "affected",
"version": "7.19",
"versionType": "semver"
},
{
"lessThan": "7.18.17131",
"status": "affected",
"version": "7.18",
"versionType": "semver"
},
{
"lessThan": "7.17.17014",
"status": "affected",
"version": "7.17",
"versionType": "semver"
},
{
"lessThan": "7.16.16909",
"status": "affected",
"version": "7.16",
"versionType": "semver"
},
{
"lessThan": "7.15.16806",
"status": "affected",
"version": "7.15",
"versionType": "semver"
},
{
"lessThan": "7.14.16705",
"status": "affected",
"version": "7.14",
"versionType": "semver"
},
{
"lessThan": "7.13.16606",
"status": "affected",
"version": "7.13",
"versionType": "semver"
},
{
"lessThan": "7.11.16410",
"status": "affected",
"version": "7.11",
"versionType": "semver"
},
{
"lessThan": "7.10.16321",
"status": "affected",
"version": "7.10",
"versionType": "semver"
},
{
"lessThan": "7.07.16209",
"status": "affected",
"version": "7.07",
"versionType": "semver"
},
{
"lessThan": "7.06.16113",
"status": "affected",
"version": "7.06",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "Falcon Kubernetes Admission Controller",
"vendor": "CrowdStrike",
"versions": [
{
"status": "unaffected",
"version": "7.21.1904",
"versionType": "semver"
},
{
"lessThan": "7.20.1808",
"status": "affected",
"version": "7.20",
"versionType": "semver"
},
{
"lessThan": "7.18.1605",
"status": "affected",
"version": "7.18",
"versionType": "semver"
},
{
"lessThan": "7.17.1503",
"status": "affected",
"version": "7.17",
"versionType": "semver"
},
{
"lessThan": "7.16.1403",
"status": "affected",
"version": "7.16",
"versionType": "semver"
},
{
"lessThan": "7.14.1203",
"status": "affected",
"version": "7.14",
"versionType": "semver"
},
{
"lessThan": "7.13.1102",
"status": "affected",
"version": "7.13",
"versionType": "semver"
},
{
"lessThan": "7.12.1002",
"status": "affected",
"version": "7.12",
"versionType": "semver"
},
{
"lessThan": "7.11.904",
"status": "affected",
"version": "7.11",
"versionType": "semver"
},
{
"lessThan": "7.10.806",
"status": "affected",
"version": "7.10",
"versionType": "semver"
},
{
"lessThan": "7.06.603",
"status": "affected",
"version": "7.06",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unknown",
"platforms": [
"Linux"
],
"product": "Falcon Container Sensor",
"vendor": "CrowdStrike",
"versions": [
{
"status": "unaffected",
"version": "7.21.6003",
"versionType": "semver"
},
{
"lessThan": "7.20.5908",
"status": "affected",
"version": "7.20",
"versionType": "semver"
},
{
"lessThan": "7.19.5807",
"status": "affected",
"version": "7.19",
"versionType": "semver"
},
{
"lessThan": "7.18.5705",
"status": "affected",
"version": "7.18",
"versionType": "semver"
},
{
"lessThan": "7.17.5603",
"status": "affected",
"version": "7.17",
"versionType": "semver"
},
{
"lessThan": "7.16.5503",
"status": "affected",
"version": "7.16",
"versionType": "semver"
},
{
"lessThan": "7.15.5403",
"status": "affected",
"version": "7.15",
"versionType": "semver"
},
{
"lessThan": "7.14.5306",
"status": "affected",
"version": "7.14",
"versionType": "semver"
},
{
"lessThan": "7.13.5202",
"status": "affected",
"version": "7.13",
"versionType": "semver"
},
{
"lessThan": "7.12.5102",
"status": "affected",
"version": "7.12",
"versionType": "semver"
},
{
"lessThan": "7.11.5003",
"status": "affected",
"version": "7.11",
"versionType": "semver"
},
{
"lessThan": "7.10.4907",
"status": "affected",
"version": "7.10",
"versionType": "semver"
},
{
"lessThan": "7.06.4705",
"status": "affected",
"version": "7.06",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.20.17308",
"versionStartIncluding": "7.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.19.17221",
"versionStartIncluding": "7.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.18.17131",
"versionStartIncluding": "7.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.17.17014",
"versionStartIncluding": "7.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.16.16909",
"versionStartIncluding": "7.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.15.16806",
"versionStartIncluding": "7.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.14.16705",
"versionStartIncluding": "7.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.13.16606",
"versionStartIncluding": "7.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.11.16410",
"versionStartIncluding": "7.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.10.16321",
"versionStartIncluding": "7.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.07.16209",
"versionStartIncluding": "7.07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:crowdstrike:falcon:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "7.06.16113",
"versionStartIncluding": "7.06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"datePublic": "2025-02-12T18:27:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack. CrowdStrike identified this issue internally and released a security fix in all Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor versions 7.06 and above.\u003cbr\u003e\u003cbr\u003e \u003cbr\u003eCrowdStrike identified this issue through our longstanding, rigorous security review process, which has been continually strengthened with deeper source code analysis and ongoing program enhancements as part of our commitment to security resilience. CrowdStrike has no indication of any exploitation of this issue in the wild. CrowdStrike has leveraged its world class threat hunting and intelligence capabilities to actively monitor for signs of abuse or usage of this flaw and will continue to do so. \u003cbr\u003e\u003cbr\u003e\u003cbr\u003eWindows and Mac sensors are not affected by this.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where our TLS connection routine to the CrowdStrike cloud can incorrectly process server certificate validation. This could allow an attacker with the ability to control network traffic to potentially conduct a man-in-the-middle (MiTM) attack. CrowdStrike identified this issue internally and released a security fix in all Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor versions 7.06 and above.\n\n \nCrowdStrike identified this issue through our longstanding, rigorous security review process, which has been continually strengthened with deeper source code analysis and ongoing program enhancements as part of our commitment to security resilience. CrowdStrike has no indication of any exploitation of this issue in the wild. CrowdStrike has leveraged its world class threat hunting and intelligence capabilities to actively monitor for signs of abuse or usage of this flaw and will continue to do so. \n\n\nWindows and Mac sensors are not affected by this."
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94 Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T18:48:50.205Z",
"orgId": "13ddcd98-6f4a-40a8-8e24-29ca0aee4661",
"shortName": "CrowdStrike"
},
"references": [
{
"url": "https://www.crowdstrike.com/security-advisories/cve-2025-1146/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CrowdStrike Falcon Sensor for Linux TLS Issue",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "13ddcd98-6f4a-40a8-8e24-29ca0aee4661",
"assignerShortName": "CrowdStrike",
"cveId": "CVE-2025-1146",
"datePublished": "2025-02-12T18:27:35.458Z",
"dateReserved": "2025-02-10T03:03:51.392Z",
"dateUpdated": "2025-02-12T19:40:41.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22459 (GCVE-0-2025-22459)
Vulnerability from cvelistv5
Published
2025-04-08 14:25
Modified
2025-04-08 15:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Summary
Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ivanti | Endpoint Manager |
Patch: 2024 SU1 Patch: 2022 SU7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22459",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T15:24:28.541549Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T15:37:26.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Endpoint Manager",
"vendor": "Ivanti",
"versions": [
{
"status": "unaffected",
"version": "2024 SU1",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2022 SU7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper certificate validation\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e in \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIvanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e allows a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eremote\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eunauthenti\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ec\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eate\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ed \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eattacker \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eto intercept limited traffic between clients and servers.\u003c/span\u003e"
}
],
"value": "Improper certificate validation in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote unauthenticated attacker to intercept limited traffic between clients and servers."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:25:57.827Z",
"orgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"shortName": "ivanti"
},
"references": [
{
"url": "https://forums.ivanti.com/s/article/Security-Advisory-EPM-April-2025-for-EPM-2024-and-EPM-2022-SU6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c1d8aa1-5a33-4ea4-8992-aadd6440af75",
"assignerShortName": "ivanti",
"cveId": "CVE-2025-22459",
"datePublished": "2025-04-08T14:25:57.827Z",
"dateReserved": "2025-01-07T02:19:22.797Z",
"dateUpdated": "2025-04-08T15:37:26.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48057 (GCVE-0-2025-48057)
Vulnerability from cvelistv5
Published
2025-05-27 16:32
Modified
2025-05-27 18:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Summary
Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6.
References
| ► | URL | Tags |
|---|---|---|
|
|
||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48057",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T18:20:40.298192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T18:27:57.002Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "icinga2",
"vendor": "Icinga",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.14.0, \u003c 2.14.6"
},
{
"status": "affected",
"version": "\u003e= 2.13.0, \u003c 2.13.12"
},
{
"status": "affected",
"version": "\u003c 2.12.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate() function can be tricked into incorrectly treating certificates as valid. This allows an attacker to send a malicious certificate request that is then treated as a renewal of an already existing certificate, resulting in the attacker obtaining a valid certificate that can be used to impersonate trusted nodes. This only occurs when Icinga 2 is built with OpenSSL older than version 1.1.0. This issue has been patched in versions 2.12.12, 2.13.12, and 2.14.6."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296: Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T16:32:29.931Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Icinga/icinga2/security/advisories/GHSA-7vcf-f5v9-3wr6"
},
{
"name": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Icinga/icinga2/commit/34c93a2542bbe4e9886d15bc17ec929ead1aa152"
},
{
"name": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Icinga/icinga2/commit/4023128be42b18a011dda71ddee9ca79955b89cb"
},
{
"name": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Icinga/icinga2/commit/60f75f4a3d5cbb234eb3694ba7e9076a1a5b8776"
},
{
"name": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Icinga/icinga2/commit/9ad5683aab9eb392c6737ff46c830a945c9e240f"
},
{
"name": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Icinga/icinga2/commit/9b2c05d0cc09210bdeade77cf9a73859250fc48d"
}
],
"source": {
"advisory": "GHSA-7vcf-f5v9-3wr6",
"discovery": "UNKNOWN"
},
"title": "Icinga 2 certificate renewal might incorrectly renew an invalid certificate"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-48057",
"datePublished": "2025-05-27T16:32:29.931Z",
"dateReserved": "2025-05-15T16:06:40.940Z",
"dateUpdated": "2025-05-27T18:27:57.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Ensure that proper certificate checking is included in the system design.
Mitigation
Phase: Implementation
Description:
- Understand, and properly implement all checks necessary to ensure the integrity of certificate trust integrity.
Mitigation
Phase: Implementation
Description:
- If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the full chain of trust.
No CAPEC attack patterns related to this CWE.