Описание
Sliver from v1.5.x to v1.5.39 has an improper cryptographic implementation, which allows attackers to execute a man-in-the-middle attack via intercepted and crafted responses.
Ссылки
- Release Notes
- Third Party Advisory
- Broken Link
- Third Party Advisory
- Release Notes
- Third Party Advisory
- Broken Link
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.5.0 (включая) до 1.5.40 (исключая)
cpe:2.3:a:bishopfox:sliver:*:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
8.1 High
CVSS3
Дефекты
CWE-327
Связанные уязвимости
CVSS3: 8.1
github
больше 2 лет назад
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability
EPSS
Процентиль: 16%
0.0005
Низкий
8.1 High
CVSS3
Дефекты
CWE-327