3 matches found
MiracleLinux 8 : perl-HTTP-Tiny-0.074-2.el8 (AXSA:2023-7126:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7126:02 advisory. http-tiny: insecure TLS cert default CVE-2023-31486 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation due to insufficient authentication checks in the client and server processes. An attacker can gain unauthorized access to sensitive data by establishing a connection without proper certificate validation or...
CVE-2022-23000
The Western Digital My Cloud Web App https://os5.mycloud.com/ uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an "SSL" context instead of "TLS" or specifying stronger validation,...