Vulnerabilities > Improper Certificate Validation

DATE CVE VULNERABILITY TITLE RISK
2019-06-12 CVE-2019-3875 Improper Certificate Validation vulnerability in Redhat Keycloak and Single Sign-On
A vulnerability was found in keycloak before 6.0.2.
network
high complexity
redhat CWE-295
4.8
2019-06-11 CVE-2019-10334 Improper Certificate Validation vulnerability in Jenkins Electricflow
Jenkins ElectricFlow Plugin 1.1.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM when MultipartUtility.java is used to upload files.
network
high complexity
jenkins CWE-295
6.5
2019-06-07 CVE-2018-20135 Improper Certificate Validation vulnerability in Samsung Galaxy Apps
Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack.
network
high complexity
samsung CWE-295
8.1
2019-05-31 CVE-2019-12496 Improper Certificate Validation vulnerability in Hybridgroup Gobot
An issue was discovered in Hybrid Group Gobot before 1.13.0.
network
low complexity
hybridgroup CWE-295
7.5
2019-05-29 CVE-2019-4264 Improper Certificate Validation vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sensitive information by spoofing a trusted entity using man in the middle techniques due to not validating or incorrectly validating a certificate.
network
high complexity
ibm CWE-295
5.9
2019-05-08 CVE-2019-11550 Improper Certificate Validation vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
network
high complexity
citrix CWE-295
5.9
2019-05-08 CVE-2018-5408 Improper Certificate Validation vulnerability in Printerlogic Print Management 18.3.1.96
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate.
network
high complexity
printerlogic CWE-295
7.4
2019-05-03 CVE-2019-1859 Improper Certificate Validation vulnerability in Cisco products
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication.
network
low complexity
cisco CWE-295
7.2
2019-05-03 CVE-2019-1590 Improper Certificate Validation vulnerability in Cisco Nx-Os 14.1(0.90)/8.3(0)Sk(0.39)
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device.
network
high complexity
cisco CWE-295
8.1
2019-04-30 CVE-2019-10317 Improper Certificate Validation vulnerability in Jenkins Sitemonitor
Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.
network
high complexity
jenkins CWE-295
5.9