CVE-2022-3913
CVE-2022-3913 affects Rapid7 Nexpose and InsightVM, versions 6.6.82–6.6.177, due to failure to validate the update server’s TLS certificate when downloading updates. This could allow a network‑adjacent attacker with some access along the path to supply their own HTTPS endpoint or intercept traffi...