Description
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the middle to present a different invalid certificate to intercept incoming and outgoing mail.
References
- Exploit, Issue Tracking, Third Party Advisory
- Broken Link
- Exploit, Issue Tracking, Third Party Advisory
- Broken Link
Vulnerable configurations
One of
EPSS
CVSS3: 5.9 Medium
CVSS2: 2.6 Low
Weaknesses
Related vulnerabilities
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the middle to present a different invalid certificate to intercept incoming and outgoing mail.
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verificati ...
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the middle to present a different invalid certificate to intercept incoming and outgoing mail.