Описание
Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack by presenting a certificate for a different host.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2024.3.20.0 (исключая)Версия до 2024.3.20.0 (исключая)
Одно из
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:free:windows:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:team:windows:*:*
EPSS
Процентиль: 17%
0.00053
Низкий
8.1 High
CVSS3
Дефекты
CWE-295
CWE-295
Связанные уязвимости
CVSS3: 8.1
github
12 месяцев назад
Improper host validation in the certificate validation component in Devolutions Remote Desktop Manager on 2024.3.19 and earlier on Windows allows an attacker to intercept and modify encrypted communications via a man-in-the-middle attack by presenting a certificate for a different host.
EPSS
Процентиль: 17%
0.00053
Низкий
8.1 High
CVSS3
Дефекты
CWE-295
CWE-295