CVE-2022-21170

Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.
References
Link Resource
https://download.daj.co.jp/user/dspa/V3/ Permissions Required Vendor Advisory
https://download.daj.co.jp/user/dspa/V4/ Permissions Required Vendor Advisory
https://download.daj.co.jp/user/ifb/ Permissions Required Vendor Advisory
https://download.daj.co.jp/user/ifilter/V10/ Permissions Required Vendor Advisory
https://download.daj.co.jp/user/ifilter/V9/ Permissions Required Vendor Advisory
https://jvn.jp/en/jp/JVN33214411/index.html Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:daj:i-filter_browser_\&_cloud_multiagent:*:*:*:*:*:windows:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:daj:i-filter:*:*:*:*:*:*:*:*
cpe:2.3:a:daj:i-filter:*:*:*:*:*:*:*:*
OR cpe:2.3:h:daj:dspa-15000_m5:3:*:*:*:*:*:*:*
cpe:2.3:h:daj:dspa-15000_m5:4:*:*:*:*:*:*:*
cpe:2.3:h:daj:dspa-2000_m4:4:*:*:*:*:*:*:*
cpe:2.3:h:daj:dspa-4000_m4:4:*:*:*:*:*:*:*
cpe:2.3:h:daj:dspa-7000_m5:3:*:*:*:*:*:*:*
cpe:2.3:h:daj:dspa-7000_m5:4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-03-10 17:45

Updated : 2024-02-28 19:09


NVD link : CVE-2022-21170

Mitre link : CVE-2022-21170

CVE.ORG link : CVE-2022-21170


JSON object : View

Products Affected

daj

  • dspa-7000_m5
  • i-filter_browser_\&_cloud_multiagent
  • dspa-4000_m4
  • dspa-15000_m5
  • dspa-2000_m4
  • i-filter
CWE
CWE-295

Improper Certificate Validation