Spoofing

2018-05-0919:29:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.0%

JSON

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka “Azure IoT SDK Spoofing Vulnerability.” This affects C# SDK, C SDK, Java SDK.

References

www.securityfocus.com/bid/104070

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8119

tools.cisco.com/security/center/viewAlert.x?alertId=57754&vs_f=Alert%20RSS&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Microsoft%20Azure%20IoT%20SDK%20AMQP%20Transport%20Library%20Spoofing%20Vulnerability&vs_k=1