exploitDog

GHSA-7429-7ch3-hxxp

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 3.7

Описание

Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).

Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).

Ссылки

EPSS

Процентиль: 33%

0.00131

Низкий

3.7 Low

CVSS3

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2021-36382

CVSS3: 2.6

nvd

больше 4 лет назад

Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).

EPSS

Процентиль: 33%

0.00131

Низкий

3.7 Low

CVSS3

CVE ID

Дефекты

CWE-295