3 matches found
Insecure SSL Certificate Validation
github.com/hashicorp/consul has a missing SSL certificate validation. The vulnerability exists due to the xds not ensuring that the subject Alternative Name of an upstream is validated...
CVE-2019-6266
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...
Code injection
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...