Описание
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:meetcircle:circle_with_disney_firmware:2.0.1:*:*:*:*:*:*:*
cpe:2.3:h:meetcircle:circle_with_disney:-:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00243
Низкий
8.1 High
CVSS3
5.9 Medium
CVSS3
2.6 Low
CVSS2
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this vulnerability.
EPSS
Процентиль: 47%
0.00243
Низкий
8.1 High
CVSS3
5.9 Medium
CVSS3
2.6 Low
CVSS2
Дефекты
CWE-295