2 matches found
CVE-2025-35115
Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30...
CVE-2025-35115
CVE-2025-35115 affects Agiloft Release 28, where critical system package downloads occur over insecure HTTP, enabling a MITM attacker to replace or modify the download URL contents. Root cause: lack of secure transport during package retrieval. Impact per sources: potential integrity and confiden...