CVE-2018-15784
DSA-2019-001: Dell Networking OS10 Improper Certificate Validation Vulnerability
Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack.
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Productos afectados
Dell · Dell Networking OS10¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →