Описание
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Ссылки
- Exploit
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Exploit
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
5.9 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
Lynx does not verify that the server's certificate is signed by a trus ...
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.
EPSS
5.9 Medium
CVSS3
5.8 Medium
CVSS2