CVE-2022-36173

2022-09-1220:56:05

mitre

www.cve.org

freshservice

vulnerable

tls

man-in-the-middle

freshagent

scheduled update

AI Score

Confidence

High

EPSS

0.002

Percentile

55.3%

JSON

FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service.

References

community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent

public-exposure.inform.social/post/integrity-checking/