This vulnerability is currently awaiting analysis.
Dell EMC Unisphere for PowerMax versions before 184.108.40.206, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 220.127.116.11, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim’s traffic to view or modify a victim’s data in transit.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].
|CWE-295||Improper Certificate Validation||Dell|
0 change records found show changes
CVE Dictionary Entry:
NVD Published Date:
NVD Last Modified: