CVE-2025-40896 in Arc정보

요약

\~에 의해 MITRE • 2026. 03. 04.

The server certificate was not verified when an Arc agent connected to a Guardian or CMC.

A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and sensitive information (such as assets and alerts), impersonation of the server, or injection of spoofed data (such as false asset information or vulnerabilities) into the Guardian or CMC.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

Nozomi

예약하다

2025. 04. 16.

공개

2026. 03. 04.

모더레이션

수락

항목

VDB-348720

CPE

준비됨

CWE

CWE-295 (확인됨)

CVSS

4.8 (NVD)

EPSS

0.00032

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-40896
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-40896
CVE Details	https://www.cvedetails.com/cve/CVE-2025-40896/

◂ 이전 개요 다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!