2 matches found
CVE-2024-8603
A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used in B&R Automation Runtime versions before 6.1 and B&R mapp View versions before 6.1 may be abused by unauthenticated network-based attackers to masquerade as services on impacted devices...
Consul Operator Read ACL Enables Connect Service Masquerading
Summary A vulnerability, CVE-2020-28053, was identified in Consul and Consul Enterprise “Consul” such that operators with operator:read ACL permissions were able to read the Consul Connect CA configuration including the private key. Background Consul Connect utilizes mutual TLS to establish servi...