Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-3901

Опубликовано: 14 окт. 2010
Источник: nvd
CVSS2: 6.4
EPSS Низкий

Описание

OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary AnyConnect SSL VPN servers via a crafted server certificate that (1) does not correspond to the server hostname or (2) is presented in circumstances involving a missing --cafile configuration option.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:infradead:openconnect:*:*:*:*:*:*:*:*
Версия до 2.22 (включая)
cpe:2.3:a:infradead:openconnect:1.00:*:*:*:*:*:*:*
cpe:2.3:a:infradead:openconnect:1.10:*:*:*:*:*:*:*
cpe:2.3:a:infradead:openconnect:1.20:*:*:*:*:*:*:*
cpe:2.3:a:infradead:openconnect:1.30:*:*:*:*:*:*:*

EPSS

Процентиль: 36%
0.00152
Низкий

6.4 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2010-3901

ubuntu
больше 15 лет назад

OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary AnyConnect SSL VPN servers via a crafted server certificate that (1) does not correspond to the server hostname or (2) is presented in circumstances involving a missing --cafile configuration option.

debian логотип

CVE-2010-3901

debian
больше 15 лет назад

OpenConnect before 2.25 does not properly validate X.509 certificates, ...

github логотип

GHSA-92px-2chv-hqhf

github
больше 3 лет назад

OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary AnyConnect SSL VPN servers via a crafted server certificate that (1) does not correspond to the server hostname or (2) is presented in circumstances involving a missing --cafile configuration option.

EPSS

Процентиль: 36%
0.00152
Низкий

6.4 Medium

CVSS2

Дефекты

CWE-20