Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-19 | CVE-2023-20881 | Improper Certificate Validation vulnerability in Cloudfoundry Capi-Release, Cf-Deployment and Loggregator-Agent Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. | 8.1 |
| 2023-05-18 | CVE-2022-45457 | Improper Certificate Validation vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure and manipulation due to improper certification validation. | 7.5 |
| 2023-05-18 | CVE-2022-45458 | Improper Certificate Validation vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure and manipulation due to improper certification validation. | 7.5 |
| 2023-05-16 | CVE-2023-32994 | Improper Certificate Validation vulnerability in Jenkins Saml Single Sign on Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections. | 3.7 |
| 2023-05-10 | CVE-2023-31151 | Improper Certificate Validation vulnerability in Selinc products An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) attack. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.2 |
| 2023-05-10 | CVE-2023-23901 | Improper Certificate Validation vulnerability in Seiko-Sol products Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. | 6.5 |
| 2023-05-03 | CVE-2022-39161 | Improper Certificate Validation vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. | 5.3 |
| 2023-05-03 | CVE-2023-24461 | Improper Certificate Validation vulnerability in F5 Big-Ip Access Policy Manager An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 5.9 |
| 2023-05-01 | CVE-2022-48186 | Improper Certificate Validation vulnerability in Lenovo Baiying A certificate validation vulnerability exists in the Baiying Android application which could lead to information disclosure. | 7.5 |
| 2023-04-29 | CVE-2023-31484 | Improper Certificate Validation vulnerability in multiple products CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. | 8.1 |