Описание
Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle (MITM) attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensitive design data.
EPSS
Процентиль: 6%
0.00024
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 5.3
github
17 дней назад
Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle (MITM) attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensitive design data.
EPSS
Процентиль: 6%
0.00024
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-295