13 matches found
CVE-2026-4434
Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
EUVD-2026-13688
Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
CVE-2026-4434
Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
CVE-2026-4434
CVE-2026-4434: Improper certificate validation in PAM propagation WinRM connections enables a network attacker to perform a man-in-the-middle attack when TLS certificate verification is disabled. Documented across multiple feeds (Red Hat, EUVD, NVD, etc.) with a high impact concern (CVSS 8.1). Af...
CVE-2026-4434
Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...
PT-2026-26608
Name of the Vulnerable Software and Affected Versions versions prior to 2026-4434 Description A flaw exists in the validation of certificates during PAM propagation WinRM connections. This allows a network attacker to conduct a man-in-the-middle attack by disabling TLS certificate verification. T...
CVE-2023-5240
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...
CVE-2023-5240
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...
CVE-2023-5240
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...
Improper access control
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...
CVE-2023-5240
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...
CVE-2023-5240
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request...
CVE-2023-5240
CVE-2023-5240 concerns Devolutions Server (versions 2023.2.8.0 and earlier) with improper access control in PAM propagation scripts. The root cause, per Red Hat and other sources, is that an attacker with permission to manage PAM propagation scripts can retrieve passwords stored in those scripts ...