CVE-2024-39771

CVSS 4.2 MEDIUMEPSS 0.1%CWE-295

QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack.

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Productos afectados

Safie Inc. · QBiC CLOUD CC-2L Safie Inc. · Safie One

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://jvn.jp/en/jp/JVN83440451/https://safie.jp/information/post_6933/