6 matches found
CVE-2024-8287
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this...
CVE-2024-8287
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this...
CVE-2024-8287
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this...
CVE-2024-8287
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this...
CVE-2024-8287
CVE-2024-8287 affects Anbox Management Service (AMS) versions 1.17.0–1.23.0. AMS does not validate the TLS certificate from the Anbox Stream Agent, enabling potential MITM from within an internal network. CVSS v3.1 base score 7.5 (HIGH) across confidentiality, integrity, and availability impacts;...
PT-2024-38915 · Unknown · Anbox Stream Agent +1
Name of the Vulnerable Software and Affected Versions: Anbox Management Service versions 1.17.0 through 1.23.0 Description: The issue concerns the failure to validate the TLS certificate provided by the Anbox Stream Agent. This could be exploited by an attacker who can intercept the communication...