Описание
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:samsung:knox:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00115
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
EPSS
Процентиль: 31%
0.00115
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-284