Lucene search
HistorySep 12, 2022 - 9:15 p.m.
CVE-2022-36173
freshservice
macos
agent
linux
tls
vulnerability
man-in-the-middle
freshagent
update service
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
55.3%
FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service.
Affected configurations
Node
freshworksfreshservice_agentRange<2.12.0windows
ORfreshworksfreshservice_agentRange<3.4.0linux
ORfreshworksfreshservice_agentRange<4.4.0macos
ORfreshworksfreshservice_probeRange<4.11.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| freshworks | freshservice_agent | * | cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:windows:*:* |
| freshworks | freshservice_agent | * | cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:linux:*:* |
| freshworks | freshservice_agent | * | cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:macos:*:* |
| freshworks | freshservice_probe | * | cpe:2.3:a:freshworks:freshservice_probe:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-36173
2022-09-12 20:56:05
prion
prion
Design/Logic Flaw
2022-09-12 21:15:00
cve
cve
CVE-2022-36173
2022-09-12 21:15:10
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
55.3%
Related for NVD:CVE-2022-36173