5 matches found
EUVD-2020-26843
Malware in sbrugna...
CVE-2020-5684
iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate...
CVE-2020-5684
CVE-2020-5684 affects NEC Storage Manager/Storage Manager Express: iSM client versions from 5.1 up to (but not including) 12.1 do not verify the server certificate, enabling MITM eavesdropping or modification via a crafted certificate. Remediation per JVN/Red Hat: update to iSM Client 12.1+ and N...
CVE-2020-5684
iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate...
JVN#10100024: Management software for NEC Storage disk array system vulnerable to improper server certificate verification
Management software for NEC Storage disk array system provided by NEC Corporation is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication or alter the communication. Solution Update the...