Total
1039 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21836 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Windows Certificate Spoofing Vulnerability | |||||
| CVE-2022-21657 | 1 Envoyproxy | 1 Envoy | 2024-11-21 | 4.0 MEDIUM | 6.8 MEDIUM |
| Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage (id-kp-serverAuth and id-kp-clientAuth, respectively). This means that a peer may present an e-mail certificate (e.g. id-kp-emailProtection), either as a leaf certificate or as a CA in the chain, and it will be accepted for TLS. This is particularly bad when combined with the issue described in pull request #630, in that it allows a Web PKI CA that is intended only for use with S/MIME, and thus exempted from audit or supervision, to issue TLS certificates that will be accepted by Envoy. As a result Envoy will trust upstream certificates that should not be trusted. There are no known workarounds to this issue. Users are advised to upgrade. | |||||
| CVE-2022-21654 | 1 Envoyproxy | 1 Envoy | 2024-11-21 | 6.8 MEDIUM | 7.4 HIGH |
| Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade. | |||||
| CVE-2022-21170 | 1 Daj | 6 Dspa-15000 M5, Dspa-2000 M4, Dspa-4000 M4 and 3 more | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication. | |||||
| CVE-2022-20960 | 1 Cisco | 1 Email Security Appliance | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated. | |||||
| CVE-2022-20860 | 1 Cisco | 1 Nexus Dashboard | 2024-11-21 | N/A | 7.4 HIGH |
| A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus Dashboard is establishing a connection to Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud APIC, or Cisco Nexus Dashboard Fabric Controller, formerly Data Center Network Manager (DCNM) controllers. An attacker could exploit this vulnerability by using man-in-the-middle techniques to intercept the traffic between the affected device and the controllers, and then using a crafted certificate to impersonate the controllers. A successful exploit could allow the attacker to alter communications between devices or view sensitive information, including Administrator credentials for these controllers. | |||||
| CVE-2022-20813 | 1 Cisco | 2 Expressway, Telepresence Video Communication Server | 2024-11-21 | 4.3 MEDIUM | 9.0 CRITICAL |
| Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco Expressway Series refers to the Expressway Control (Expressway-C) device and the Expressway Edge (Expressway-E) device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20703 | 1 Cisco | 18 Rv160, Rv160 Firmware, Rv160w and 15 more | 2024-11-21 | 7.2 HIGH | 10.0 CRITICAL |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20081 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6735 and 24 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| In A-GPS, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06461919; Issue ID: ALPS06461919. | |||||
| CVE-2022-20071 | 2 Google, Mediatek | 8 Android, Mt6833, Mt6853 and 5 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In ccu, there is a possible escalation of privilege due to a missing certificate validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06183315; Issue ID: ALPS06183315. | |||||
| CVE-2022-20034 | 2 Google, Mediatek | 22 Android, Mt6580, Mt6735 and 19 more | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160806. | |||||
| CVE-2022-1834 | 1 Mozilla | 1 Thunderbird | 2024-11-21 | N/A | 6.5 MEDIUM |
| When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown with an arbitrary sender email address chosen by the attacker. If the sender name started with a false email address, followed by many Braille space characters, the attacker's email address was not visible. Because Thunderbird compared the invisible sender address with the signature's email address, if the signing key or certificate was accepted by Thunderbird, the email was shown as having a valid digital signature. This vulnerability affects Thunderbird < 91.10. | |||||
| CVE-2022-1805 | 1 Teradici | 2 Tera2 Pcoip Zero Client, Tera2 Pcoip Zero Client Firmware | 2024-11-21 | N/A | 8.1 HIGH |
| When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM (Man in the Middle) between a zero client and AWS session provisioner in the network. This issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client. | |||||
| CVE-2022-1632 | 2 Fedoraproject, Redhat | 3 Fedora, Ansible Automation Platform, Openshift Container Platform | 2024-11-21 | N/A | 6.5 MEDIUM |
| An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of confidentiality. | |||||
| CVE-2022-1343 | 2 Netapp, Openssl | 43 A250, A250 Firmware, A700s and 40 more | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. It is anticipated that most users of `OCSP_basic_verify` will not use the OCSP_NOCHECKS flag. In this case the `OCSP_basic_verify` function will return a negative value (indicating a fatal error) in the case of a certificate verification failure. The normal expected return value in this case would be 0. This issue also impacts the command line OpenSSL "ocsp" application. When verifying an ocsp response with the "-no_cert_checks" option the command line application will report that the verification is successful even though it has in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). | |||||
| CVE-2022-1197 | 1 Mozilla | 1 Thunderbird | 2024-11-21 | N/A | 5.4 MEDIUM |
| When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a revocation reason, were unaffected. This vulnerability affects Thunderbird < 91.8. | |||||
| CVE-2022-0759 | 1 Redhat | 1 Kubeclient | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE). Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle attacks (MITM). | |||||
| CVE-2022-0123 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.9 MEDIUM | 5.9 MEDIUM |
| An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab does not validate SSL certificates for some of external CI services which makes it possible to perform MitM attacks on connections to these external services. | |||||
| CVE-2021-45490 | 1 3cx | 1 3cx | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The client applications in 3CX on Windows, the 3CX app for iOS, and the 3CX application for Android through 2022-03-17 lack SSL certificate validation. | |||||
| CVE-2021-45035 | 1 Velneo | 1 Vclient | 2024-11-21 | N/A | 6.3 MEDIUM |
| Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by default. This could allow an attacker that has access to the network to perform a MITM attack in order to obtain the userĀ“s credentials. | |||||