4 matches found
CVE-2022-48308
creationtimestamp| type| source ---|---|--- 2023-02-16 18:12:28+00:00| seen| https://t.me/cibsecurity/58324...
CVE-2022-48308
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...
CVE-2022-48308
CVE-2022-48308 affects Palantir Sls-logging: the component did not verify hostnames in TLS certificates due to incorrect use of the javax.net.ssl.SSLSocketFactory API. This can enable a network-position attacker to perform a man-in-the-middle attack, intercepting or altering traffic to and from t...
CVE-2022-48308
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...