CVE-2013-7304

2014-01-22T14:55:06
ID CVE-2013-7304
Type cve
Reporter NVD
Modified 2017-08-28T21:34:07

Description

Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by presenting an arbitrary certificate during a session established by a client.