Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

8.1CVSS5.8AI score0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/20 3:31 p.m.16 views

EUVD-2026-13688

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

5.8AI score0.00144EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/20 12:52 p.m.2 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

5.8AI score0.00144EPSS
Exploits0References2
CVE
CVE
added 2026/03/20 12:52 p.m.13 views

CVE-2026-4434

CVE-2026-4434: Improper certificate validation in PAM propagation WinRM connections enables a network attacker to perform a man-in-the-middle attack when TLS certificate verification is disabled. Documented across multiple feeds (Red Hat, EUVD, NVD, etc.) with a high impact concern (CVSS 8.1). Af...

8.1CVSS5.8AI score0.00144EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/20 12:52 p.m.23 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26608

Name of the Vulnerable Software and Affected Versions versions prior to 2026-4434 Description A flaw exists in the validation of certificates during PAM propagation WinRM connections. This allows a network attacker to conduct a man-in-the-middle attack by disabling TLS certificate verification. T...

8.1CVSS5.8AI score0.00144EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 5:6 a.m.7 views

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

7.5CVSS6.6AI score0.00625EPSS
Exploits0
NVD
NVD
added 2023/10/13 1:15 p.m.30 views

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

7.5CVSS7.4AI score0.00625EPSS
Exploits0References1
OSV
OSV
added 2023/10/13 1:15 p.m.3 views

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

7.5CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2023/10/13 1:15 p.m.19 views

Improper access control

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

5CVSS7.3AI score0.00625EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/13 12:22 p.m.17 views

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

6.6AI score0.00625EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/13 12:22 p.m.34 views

CVE-2023-5240

Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...

7.6AI score0.00625EPSS
Exploits0References1
CVE
CVE
added 2023/10/13 12:22 p.m.47 views

CVE-2023-5240

CVE-2023-5240 concerns Devolutions Server (versions 2023.2.8.0 and earlier) with improper access control in PAM propagation scripts. The root cause, per Red Hat and other sources, is that an attacker with permission to manage PAM propagation scripts can retrieve passwords stored in those scripts ...

7.5CVSS7.3AI score0.00625EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder