CVE-2017-3218

Опубликовано: 21 июн. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 8.3

EPSS Низкий

Описание

Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates.

Ссылки

http://www.securityfocus.com/bid/99081
Third Party Advisory
VDB Entry
https://www.kb.cert.org/vuls/id/846320
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/99081
Third Party Advisory
VDB Entry
https://www.kb.cert.org/vuls/id/846320
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:samsung:magician:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 4%

0.00018

Низкий

8.8 High

CVSS3

8.3 High

CVSS2

Дефекты

CWE-295

CWE-345

Связанные уязвимости

GHSA-7xpm-33wp-wg2w