Описание
Ecosystem Agent version 4 < 4.1.5.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position.
EPSS
Процентиль: 30%
0.0011
Низкий
3.8 Low
CVSS3
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 3.8
github
больше 1 года назад
Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position.
EPSS
Процентиль: 30%
0.0011
Низкий
3.8 Low
CVSS3
Дефекты
CWE-295