CVE-2018-15784 in Networking OS10info

Zusammenfassung

von MITRE

Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

23.08.2018

Veröffentlichung

18.01.2019

Moderieren

akzeptiert

Eintrag

VDB-129958

CPE

bereit

CWE

CWE-295 (bestätigt)

CVSS

7.4 (NVD)

EPSS

0.00610

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-15784
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-15784
CVE Details	https://www.cvedetails.com/cve/CVE-2018-15784/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!