CVE-2024-28067
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext...
CVE-2023-50178
FortiADC is affected by an improper certificate validation vulnerability (CWE-295) that may allow remote, unauthenticated attackers to perform a Man-in-the-Middle on the channel between FortiADC devices and remote servers (e.g., private SDN connectors, FortiToken Cloud). Connected sources consist...
PT-2024-22248 · Samsung · Samsung Exynos Modem 5300
Name of the Vulnerable Software and Affected Versions: Samsung Exynos Modem 5300 (affected versions not specified). Description: A Man-in-the-Middle (MITM) attacker can exploit this issue to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victi...
CVE-2024-5275
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the...
CVE-2024-5275
CVE-2024-5275 involves a hard-coded password in the FileCatalyst TransferAgent that can unlock the keystore and expose contents such as private keys, enabling potential MiTM on affected users. Affected products and versions: FileCatalyst Direct 3.8.10 Build 138 and earlier, and FileCatalyst Workf...
CVE-2024-5275 Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier)
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the...
CVE-2024-21988
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation...
RHEL 8 : pidgin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pidgin: MITM attack possible on non-DNSSEC XMPP connections (CVE-2022-26491). Note that Nessus has not tested for this...
aiosmtpd STARTTLS unencrypted commands injection
Summary: Servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a MitM attack. References: NO STARTTLS: Similar vulnerabilities discovered by previous researchers...
CVE-2024-30209
A vulnerability has been identified in SIMATIC RTLS Locating Manager 6GT2780-0DA00 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA10 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA20 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA30 All versions...
CVE-2024-28134
An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...
Security Bulletin: IBM DataPower Gateway vulnerable to "Terrapin" attack in OpenSSH (CVE-2023-48795)
Summary: By manipulating sequence numbers during SSH connection setup, a MITM attacker can delete negotiation messages without causing a MAC failure. To mitigate this vulnerability, IBM has removed the chacha20-poly1305 cipher and all etm HMACs from the default set of algorithms offered,...
CVE-2024-28134 PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series
An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...
CVE-2024-28134
Phoenix Contact CHARX SEC-3100 (up to v1.5.1) is affected by an unauthenticated MitM vulnerability where sensitive data is transmitted in cleartext, enabling an attacker to extract a session token and gain web-based management access with the privileges of the current user. Impact is limited to n...
RHEL 7 : erlang (RHSA-2018:0368)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0368 advisory. Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault...
CVE-2024-29963
CVE-2024-29963 affects Brocade SANnav OVA before v2.3.1 and v2.3.0a, where hardcoded TLS keys are used by Docker. Root cause: embedded TLS keys in the appliance enable potential MITM exposure if Docker TLS traffic is reachable; SANnav reportedly does not access remote Docker registries. Impact: c...
CVE-2024-3387
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker...
CVE-2024-3387
The CVE-2024-3387 issue concerns Palo Alto Networks PAN-OS Panorama software using a weak device certificate, enabling a MITM-style attack to intercept traffic between the Panorama management server and managed firewalls. Technical details across connected sources confirm the root cause is weak (...