Common Weakness Enumeration

CWE-297

Allowed

Improper Validation of Certificate with Host Mismatch

Abstraction: Variant · Status: Incomplete

The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.

99 vulnerabilities reference this CWE, most recent first.

CVE-2024-8285 (GCVE-0-2024-8285)

Vulnerability from cvelistv5 – Published: 2024-08-30 21:10 – Updated: 2025-11-20 20:57
VLAI
Title
Kroxylicious: missing upstream kafka tls hostname verification
Summary
A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
References
URL Tags
https://access.redhat.com/errata/RHSA-2024:9571 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8285 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2308606 issue-trackingx_refsource_REDHAT
Impacted products
Vendor Product Version
Affected: 0.80.0 , < 0.80.0 (semver)
Red Hat Streams for Apache Kafka 2.8.0     cpe:/a:redhat:amq_streams:2
Create a notification for this product.
Red Hat streams for Apache Kafka     cpe:/a:redhat:amq_streams:1
Create a notification for this product.
Date Public
2024-08-27 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8285",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-03T13:31:13.219614Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T13:32:03.256Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/kroxylicious/kroxylicious",
          "defaultStatus": "unaffected",
          "packageName": "kroxylicious",
          "versions": [
            {
              "lessThan": "0.80.0",
              "status": "affected",
              "version": "0.80.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "io.kroxylicious-kroxylicious-parent",
          "product": "Streams for Apache Kafka 2.8.0",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-annotations",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-api",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-app",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-app-licenses",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-filter-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-integration-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-hashicorp-vault",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-hashicorp-vault-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-kroxylicious-inmemory",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-provider-kroxylicious-inmemory-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-kms-test-support",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-krpc-plugin",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-multitenant",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-record-encryption",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-record-validation",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-runtime",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-sample",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious/kroxylicious-simple-transform",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious.testing/testing-api",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious.testing/testing-impl",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:1"
          ],
          "defaultStatus": "affected",
          "packageName": "io.kroxylicious.testing/testing-junit5-extension",
          "product": "streams for Apache Kafka",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-08-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T20:57:19.811Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9571",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9571"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8285"
        },
        {
          "name": "RHBZ#2308606",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-29T22:39:10.882Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-08-27T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Kroxylicious: missing upstream kafka tls hostname verification",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-297: Improper Validation of Certificate with Host Mismatch"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8285",
    "datePublished": "2024-08-30T21:10:52.324Z",
    "dateReserved": "2024-08-28T19:38:52.128Z",
    "dateUpdated": "2025-11-20T20:57:19.811Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-7346 (GCVE-0-2024-7346)

Vulnerability from cvelistv5 – Published: 2024-09-03 14:51 – Updated: 2024-09-03 15:06
VLAI
Title
Client connections using default TLS certificates from OpenEdge may bypass TLS host name validation
Summary
Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection.  This has been corrected so that default certificates are no longer capable of overriding host name validation and will need to be replaced where full TLS certificate validation is needed for network security.  The existing certificates should be replaced with CA-signed certificates from a recognized certificate authority that contain the necessary information to support host name validation.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
References
Impacted products
Vendor Product Version
Progress OpenEdge Affected: 11.7.0 , ≤ 11.7.19 (custom)
Affected: 12.2.0 , ≤ 12.2.14 (custom)
Unaffected: 12.8.0 (custom)
Create a notification for this product.
progress openedge Affected: 11.7.0 , ≤ 11.7.19 (custom)
Affected: 12.2.0 , ≤ 12.2.14 (custom)
Unaffected: 12.8.0
    cpe:2.3:a:progress:openedge:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:progress:openedge:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "openedge",
            "vendor": "progress",
            "versions": [
              {
                "lessThanOrEqual": "11.7.19",
                "status": "affected",
                "version": "11.7.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "12.2.14",
                "status": "affected",
                "version": "12.2.0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "12.8.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7346",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-03T15:03:24.623163Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T15:06:04.578Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "modules": [
            "PASOE Application Server",
            "OpenEdge Authentication Gateway"
          ],
          "platforms": [
            "Windows",
            "Linux",
            "64 bit",
            "x86",
            "32 bit"
          ],
          "product": "OpenEdge",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "11.7.19",
              "status": "affected",
              "version": "11.7.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "12.2.14",
              "status": "affected",
              "version": "12.2.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "12.8.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of the legacy OpenEdge default TLS/SSL certificates in TLS-networked connections in an OpenEdge installation.\u003cbr\u003e"
            }
          ],
          "value": "Use of the legacy OpenEdge default TLS/SSL certificates in TLS-networked connections in an OpenEdge installation."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection.\u0026nbsp; This has been corrected so that default certificates are no longer capable of overriding host name validation and will need to be replaced where full TLS certificate validation is needed for network security.\u0026nbsp; The existing certificates should be replaced with CA-signed certificates from a recognized certificate authority that contain the necessary information to support host name validation.\u0026nbsp; \u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection.\u00a0 This has been corrected so that default certificates are no longer capable of overriding host name validation and will need to be replaced where full TLS certificate validation is needed for network security.\u00a0 The existing certificates should be replaced with CA-signed certificates from a recognized certificate authority that contain the necessary information to support host name validation."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-272",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-272: Protocol Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297: Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-03T14:51:03.551Z",
        "orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
        "shortName": "ProgressSoftware"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://community.progress.com/s/article/Client-connections-using-default-TLS-certificates-from-OpenEdge-may-bypass-TLS-host-name-validation"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use the 12.8.0 or above LTS release where the vulnerability does not exist\u003cbr\u003e"
            }
          ],
          "value": "Use the 12.8.0 or above LTS release where the vulnerability does not exist"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use the 12.2 LTS release at the 12.2.15 Update level or above\n\n\u003cbr\u003e"
            }
          ],
          "value": "Use the 12.2 LTS release at the 12.2.15 Update level or above"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use the 11.7 LTS release at the 11.7.20 Update level or above\n\n\u003cbr\u003e"
            }
          ],
          "value": "Use the 11.7 LTS release at the 11.7.20 Update level or above"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Client connections using default TLS certificates from OpenEdge may bypass TLS host name validation",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eReplace all use of default OpenEdge TLS certificates with a CA-signed certificate from a recognized certificate authority that contains the necessary information to support host name validation\n\n\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "Replace all use of default OpenEdge TLS certificates with a CA-signed certificate from a recognized certificate authority that contains the necessary information to support host name validation"
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use the \"nohostverify\" switch in development environments when clients need to bypass host name validation as a convenience prior to establishing valid certificates for production.\u003cbr\u003e"
            }
          ],
          "value": "Use the \"nohostverify\" switch in development environments when clients need to bypass host name validation as a convenience prior to establishing valid certificates for production."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
    "assignerShortName": "ProgressSoftware",
    "cveId": "CVE-2024-7346",
    "datePublished": "2024-09-03T14:51:03.551Z",
    "dateReserved": "2024-07-31T17:32:10.370Z",
    "dateUpdated": "2024-09-03T15:06:04.578Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2462 (GCVE-0-2024-2462)

Vulnerability from cvelistv5 – Published: 2024-06-11 12:48 – Updated: 2024-08-01 19:11
VLAI
Summary
Allow attackers to intercept or falsify data exchanges between the client and the server
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
Impacted products
Vendor Product Version
Hitachi Energy FOXMAN-UN Affected: 0 , ≤ FOXMAN-UN R16B PC2 (custom)
Unaffected: FOXMAN-UN R16B PC3 (custom)
Affected: 0 , ≤ FOXMAN-UN R15B PC4 (custom)
Unaffected: FOXMAN-UN R15B PC5 (custom)
Affected: FOXMAN-UN R16A (custom)
Affected: FOXMAN-UN R15A (custom)
Create a notification for this product.
Hitachi Energy FOX61x Affected: 0 , < FOX61x R16B (custom)
Unaffected: FOX61x R16B (custom)
Create a notification for this product.
Hitachi Energy FOXCST Affected: 0 , < FOXCST_16.2.1 (custom)
Unaffected: FOXCST_16.2.1 (custom)
Create a notification for this product.
Hitachi Energy UNEM Affected: 0 , ≤ UNEM R16B PC2 (custom)
Unaffected: UNEM R16B PC3 (custom)
Affected: 0 , ≤ UNEM R15B PC4 (custom)
Unaffected: UNEM R15B PC5 (custom)
Affected: UNEM R16A (custom)
Affected: UNEM R15A (custom)
Create a notification for this product.
Hitachi Energy XMC20 Affected: R16B (custom)
Create a notification for this product.
Hitachi Energy ECST Affected: ECST_16.2.1 (custom)
Create a notification for this product.
hitachi_energy foxman-un Affected: 0 , ≤ FOXMAN-UN R16B PC2 (custom)
Unaffected: FOXMAN-UN R16B PC3
Affected: 0 , ≤ FOXMAN-UN R15B PC4 (custom)
Unaffected: FOXMAN-UN R15B PC5
Affected: FOXMAN-UN R16A
Affected: FOXMAN-UN R15A
    cpe:2.3:a:hitachi_energy:foxman-un:*:*:*:*:*:*:*:*
Create a notification for this product.
hitachi_energy fox61x Affected: 0 , < FOX61x R16B (custom)
Unaffected: FOX61x R16B
    cpe:2.3:a:hitachi_energy:fox61x:*:*:*:*:*:*:*:*
Create a notification for this product.
hitachi_energy foxcst Affected: 0 , < FOXCST_16.2.1 (custom)
Unaffected: FOXCST_16.2.1
    cpe:2.3:a:hitachi_energy:foxcst:*:*:*:*:*:*:*:*
Create a notification for this product.
hitachi_energy unem Affected: 0 , ≤ UNEM R16B PC2 (custom)
Unaffected: UNEM R16B PC3
Affected: 0 , ≤ UNEM R15B PC4 (custom)
Unaffected: UNEM R15B PC5
Affected: UNEM R16A
Affected: UNEM R15A
    cpe:2.3:a:hitachi_energy:unem:*:*:*:*:*:*:*:*
Create a notification for this product.
hitachi_energy xmc20 Affected: R16B
    cpe:2.3:a:hitachi_energy:xmc20:*:*:*:*:*:*:*:*
Create a notification for this product.
hitachi_energy ecst Affected: ECST_16.2.1
    cpe:2.3:a:hitachi_energy:ecst:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:foxman-un:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "foxman-un",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThanOrEqual": "FOXMAN-UN R16B PC2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOXMAN-UN R16B PC3"
              },
              {
                "lessThanOrEqual": "FOXMAN-UN R15B PC4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOXMAN-UN R15B PC5"
              },
              {
                "status": "affected",
                "version": "FOXMAN-UN R16A"
              },
              {
                "status": "affected",
                "version": "FOXMAN-UN R15A"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:fox61x:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "fox61x",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThan": "FOX61x R16B",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOX61x R16B"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:foxcst:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "foxcst",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThan": "FOXCST_16.2.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "FOXCST_16.2.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:unem:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "unem",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "lessThanOrEqual": "UNEM R16B PC2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "UNEM R16B PC3"
              },
              {
                "lessThanOrEqual": "UNEM R15B PC4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "unaffected",
                "version": "UNEM R15B PC5"
              },
              {
                "status": "affected",
                "version": "UNEM R16A"
              },
              {
                "status": "affected",
                "version": "UNEM R15A"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:xmc20:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "xmc20",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "status": "affected",
                "version": "R16B"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:hitachi_energy:ecst:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "ecst",
            "vendor": "hitachi_energy",
            "versions": [
              {
                "status": "affected",
                "version": "ECST_16.2.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2462",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-12T18:31:01.584910Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T19:06:16.825Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:11:53.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198\u0026languageCode=en\u0026Preview=true"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "FOXMAN-UN",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "FOXMAN-UN R16B PC2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOXMAN-UN R16B PC3",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "FOXMAN-UN R15B PC4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOXMAN-UN R15B PC5",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R16A",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "FOXMAN-UN R15A",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "FOX61x",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThan": "FOX61x R16B",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOX61x R16B",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "FOXCST",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThan": "FOXCST_16.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "FOXCST_16.2.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "UNEM",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "lessThanOrEqual": "UNEM R16B PC2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "UNEM R16B PC3",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "UNEM R15B PC4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "UNEM R15B PC5",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "UNEM R16A",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "UNEM R15A",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "XMC20",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "R16B",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ECST",
          "vendor": "Hitachi Energy",
          "versions": [
            {
              "status": "affected",
              "version": "ECST_16.2.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server\n\n"
            }
          ],
          "value": "Allow attackers to intercept or falsify data exchanges between the client \nand the server"
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "PHYSICAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-11T12:48:57.963Z",
        "orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
        "shortName": "Hitachi Energy"
      },
      "references": [
        {
          "url": "https://publisher.hitachienergy.com/preview?DocumentId=8DBD000198\u0026languageCode=en\u0026Preview=true"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
    "assignerShortName": "Hitachi Energy",
    "cveId": "CVE-2024-2462",
    "datePublished": "2024-06-11T12:48:57.963Z",
    "dateReserved": "2024-03-14T17:09:59.755Z",
    "dateUpdated": "2024-08-01T19:11:53.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-34143 (GCVE-0-2023-34143)

Vulnerability from cvelistv5 – Published: 2023-07-18 02:03 – Updated: 2024-10-21 18:54
VLAI
Title
Improper Validation of Certificate Vulnerability in Hitachi Device Manager
Summary
Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
References
Impacted products
Vendor Product Version
Hitachi Hitachi Device Manager Affected: 0 , < 8.8.5-02 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:01:53.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-34143",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-21T18:54:34.188672Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-21T18:54:46.219Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Device Manager Server",
            "Device Manager Agent",
            "Host Data Collector"
          ],
          "platforms": [
            "Windows",
            "Linux"
          ],
          "product": "Hitachi Device Manager",
          "vendor": "Hitachi",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.8.5-02",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.8.5-02",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.\u003cp\u003eThis issue affects Hitachi Device Manager: before 8.8.5-02.\u003c/p\u003e"
            }
          ],
          "value": "Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-94",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-94 Man in the Middle Attack"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-18T02:03:20.910Z",
        "orgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
        "shortName": "Hitachi"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html"
        }
      ],
      "source": {
        "advisory": "hitachi-sec-2023-125",
        "discovery": "UNKNOWN"
      },
      "title": "Improper Validation of Certificate Vulnerability in Hitachi Device Manager",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d0f415-c707-4733-9afc-8f6c0e9b3f82",
    "assignerShortName": "Hitachi",
    "cveId": "CVE-2023-34143",
    "datePublished": "2023-07-18T02:03:20.910Z",
    "dateReserved": "2023-05-26T08:50:31.433Z",
    "dateUpdated": "2024-10-21T18:54:46.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-24568 (GCVE-0-2023-24568)

Vulnerability from cvelistv5 – Published: 2023-05-30 15:12 – Updated: 2025-01-10 18:57
VLAI
Summary
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
References
Impacted products
Vendor Product Version
Dell NetWorker Affected: 19.8.0.0, 19.7.0.3 and prior releases, 19.7.1
Create a notification for this product.
Date Public
2023-04-03 06:30
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:03:18.799Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000210963/dsa-2023-059-dell-networker-security-update-for-a-rabbitmq-vulnerability-related-to-improper-validation-of-hostname-in-rabbitmq-startup-script-which-fails-to-replace-ca-signed-certificates"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-24568",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-10T18:56:59.605024Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-10T18:57:10.439Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NetWorker",
          "vendor": "Dell",
          "versions": [
            {
              "status": "affected",
              "version": "19.8.0.0, 19.7.0.3 and prior releases, 19.7.1"
            }
          ]
        }
      ],
      "datePublic": "2023-04-03T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.\u003c/span\u003e\n\n"
            }
          ],
          "value": "\nDell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297: Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-20T10:53:31.447Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000210963/dsa-2023-059-dell-networker-security-update-for-a-rabbitmq-vulnerability-related-to-improper-validation-of-hostname-in-rabbitmq-startup-script-which-fails-to-replace-ca-signed-certificates"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2023-24568",
    "datePublished": "2023-05-30T15:12:19.571Z",
    "dateReserved": "2023-01-26T16:27:33.567Z",
    "dateUpdated": "2025-01-10T18:57:10.439Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5909 (GCVE-0-2023-5909)

Vulnerability from cvelistv5 – Published: 2023-11-30 22:05 – Updated: 2026-02-25 17:20
VLAI
Title
Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx
Summary
KEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
References
Credits
Shawn Hoffman
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:24.693Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5909",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-09T05:06:00.963177Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-25T17:20:07.195Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "KEPServerEX",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "6.14.263.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Kepware Server",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "6.14.263.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Industrial Connectivity",
          "vendor": "PTC",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "OPC-Aggregator",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "6.14",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ThingWorx Kepware Edge",
          "vendor": "PTC",
          "versions": [
            {
              "lessThanOrEqual": "1.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "KEPServer Enterprise",
          "vendor": "Rockwell Automation ",
          "versions": [
            {
              "lessThanOrEqual": "6.14.263.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Industrial Gateway Server",
          "vendor": "GE Gigital",
          "versions": [
            {
              "lessThanOrEqual": "7.614",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "TOP Server",
          "vendor": "Software Toolbox",
          "versions": [
            {
              "lessThanOrEqual": "6.14.263.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Shawn Hoffman"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e\n\n\u003cp\u003eKEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.\u003c/p\u003e\u003cbr\u003e\n\n\u003cbr\u003e\n\n"
            }
          ],
          "value": "\n\n\n\n\n\n\n\n\nKEPServerEX does not properly validate certificates from clients which may allow unauthenticated users to connect.\n\n\n\n\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-30T22:05:59.595Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-03"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003ePTC has released and recommends users to update to the following versions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eKEPServerEX should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Kepware Server should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Industrial Connectivity should upgrade to ThingWorx Kepware Server v6.15 or later\u003c/li\u003e\u003cli\u003eOPC-Aggregator should upgrade to v6.15 or later\u003c/li\u003e\u003cli\u003eThingWorx Kepware Edge: Upgrade to v1.8 or later\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eRefer to secure configuration guide \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/refdoc/ThingWorx_Kepware_Server/6.15/ThingWorx%20Kepware%20Server%20Secure%20Deployment%20Guide\"\u003ehere\u003c/a\u003e\u003c/p\u003e\u003cp\u003eIf additional questions remain, please contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log?\"\u003ePTC Technical Support\u003c/a\u003e\u003c/p\u003e\u003cp\u003eFor more information, see PTC\u0027s \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ptc.com/en/support/article/CS405439\"\u003eadvisory\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nPTC has released and recommends users to update to the following versions:\n\n  *  KEPServerEX should upgrade to v6.15 or later\n  *  ThingWorx Kepware Server should upgrade to v6.15 or later\n  *  ThingWorx Industrial Connectivity should upgrade to ThingWorx Kepware Server v6.15 or later\n  *  OPC-Aggregator should upgrade to v6.15 or later\n  *  ThingWorx Kepware Edge: Upgrade to v1.8 or later\n\n\nRefer to secure configuration guide  here https://www.ptc.com/en/support/refdoc/ThingWorx_Kepware_Server/6.15/ThingWorx%20Kepware%20Server%20Secure%20Deployment%20Guide \n\nIf additional questions remain, please contact  PTC Technical Support https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log \n\nFor more information, see PTC\u0027s  advisory https://www.ptc.com/en/support/article/CS405439 .\n\n\n\n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper Validation of Certificate with Host Mismatch in PTC KEPServerEx",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-5909",
    "datePublished": "2023-11-30T22:05:59.595Z",
    "dateReserved": "2023-11-01T16:18:45.060Z",
    "dateUpdated": "2026-02-25T17:20:07.195Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2022-48308 (GCVE-0-2022-48308)

Vulnerability from cvelistv5 – Published: 2023-02-16 00:00 – Updated: 2025-03-18 15:04
VLAI
Summary
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
Impacted products
Vendor Product Version
Palantir sls-logging Affected: unspecified , < 9.51.0 (custom)
Create a notification for this product.
Date Public
2023-02-14 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:10:59.729Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-14.md"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48308",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-18T15:02:24.359027Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T15:04:29.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "sls-logging",
          "vendor": "Palantir",
          "versions": [
            {
              "lessThan": "9.51.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-02-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-16T00:00:00.000Z",
        "orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
        "shortName": "Palantir"
      },
      "references": [
        {
          "url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-14.md"
        }
      ],
      "source": {
        "advisory": "PLTRSEC-2022-14",
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
    "assignerShortName": "Palantir",
    "cveId": "CVE-2022-48308",
    "datePublished": "2023-02-16T00:00:00.000Z",
    "dateReserved": "2023-02-02T00:00:00.000Z",
    "dateUpdated": "2025-03-18T15:04:29.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-48307 (GCVE-0-2022-48307)

Vulnerability from cvelistv5 – Published: 2023-02-16 00:00 – Updated: 2025-03-18 15:05
VLAI
Summary
It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of a successful man in the middle attack on magritte-ftp, an attacker would be able to read and modify network traffic such as authentication tokens or raw data entering a Palantir Foundry stack.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
Impacted products
Vendor Product Version
Palantir Foundry Magritte Affected: unspecified , < 9.466.0 (custom)
Create a notification for this product.
Date Public
2023-02-14 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:10:59.695Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-13.md"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48307",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-18T15:04:58.039118Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T15:05:06.264Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Foundry Magritte",
          "vendor": "Palantir",
          "versions": [
            {
              "lessThan": "9.466.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-02-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of a successful man in the middle attack on magritte-ftp, an attacker would be able to read and modify network traffic such as authentication tokens or raw data entering a Palantir Foundry stack."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-16T00:00:00.000Z",
        "orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
        "shortName": "Palantir"
      },
      "references": [
        {
          "url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-13.md"
        }
      ],
      "source": {
        "advisory": "PLTRSEC-2022-13",
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
    "assignerShortName": "Palantir",
    "cveId": "CVE-2022-48307",
    "datePublished": "2023-02-16T00:00:00.000Z",
    "dateReserved": "2023-02-02T00:00:00.000Z",
    "dateUpdated": "2025-03-18T15:05:06.264Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-48306 (GCVE-0-2022-48306)

Vulnerability from cvelistv5 – Published: 2023-02-16 00:00 – Updated: 2025-03-18 15:08
VLAI
Title
Gotham Chat IRC help does not validate hostnames in TLS certificates
Summary
Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. This issue affects: Palantir Palantir Gotham Chat IRC helper versions prior to 30221005.210011.9242.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
Impacted products
Vendor Product Version
Palantir Palantir Gotham Chat IRC helper Affected: unspecified , < 30221005.210011.9242 (custom)
Create a notification for this product.
Date Public
2023-02-14 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:10:59.646Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-09.md"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48306",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-18T15:08:01.781977Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T15:08:04.732Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Palantir Gotham Chat IRC helper",
          "vendor": "Palantir",
          "versions": [
            {
              "lessThan": "30221005.210011.9242",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-02-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. This issue affects: Palantir Palantir Gotham Chat IRC helper versions prior to 30221005.210011.9242."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-16T00:00:00.000Z",
        "orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
        "shortName": "Palantir"
      },
      "references": [
        {
          "url": "https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-09.md"
        }
      ],
      "source": {
        "advisory": "PLTRSEC-2023-02",
        "discovery": "EXTERNAL"
      },
      "title": "Gotham Chat IRC help does not validate hostnames in TLS certificates",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
    "assignerShortName": "Palantir",
    "cveId": "CVE-2022-48306",
    "datePublished": "2023-02-16T00:00:00.000Z",
    "dateReserved": "2023-02-02T00:00:00.000Z",
    "dateUpdated": "2025-03-18T15:08:04.732Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-32153 (GCVE-0-2022-32153)

Vulnerability from cvelistv5 – Published: 2022-06-15 16:48 – Updated: 2024-09-16 16:43
VLAI
Title
Splunk Enterprise lacked TLS host name validation
Summary
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation.
CWE
  • CWE-297 - Improper Validation of Certificate with Host Mismatch
Assigner
Impacted products
Date Public
2022-06-14 00:00
Credits
Chris Green at Splunk
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:32:56.026Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Updates"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://research.splunk.com/application/splunk_digital_certificates_infrastructure_version/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://research.splunk.com/application/splunk_digital_certificates_lack_of_encryption/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://research.splunk.com/application/splunk_protocol_impersonation_weak_encryption_selfsigned/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://research.splunk.com/network/splunk_identified_ssl_tls_certificates/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0603.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Splunk Enterprise",
          "vendor": "Splunk, Inc",
          "versions": [
            {
              "lessThan": "9.0",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Splunk Cloud Platform",
          "vendor": "Splunk, Inc",
          "versions": [
            {
              "lessThan": "8.2.2203",
              "status": "affected",
              "version": "8.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Chris Green at Splunk"
        }
      ],
      "datePublic": "2022-06-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-15T16:48:21.000Z",
        "orgId": "42b59230-ec95-491e-8425-5a5befa1a469",
        "shortName": "Splunk"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Updates"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://research.splunk.com/application/splunk_digital_certificates_infrastructure_version/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://research.splunk.com/application/splunk_digital_certificates_lack_of_encryption/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://research.splunk.com/application/splunk_protocol_impersonation_weak_encryption_selfsigned/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://research.splunk.com/network/splunk_identified_ssl_tls_certificates/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0603.html"
        }
      ],
      "source": {
        "advisory": "SVD-2022-0603",
        "discovery": "INTERNAL"
      },
      "title": "Splunk Enterprise lacked TLS host name validation",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "prodsec@splunk.com",
          "DATE_PUBLIC": "2022-06-14T11:55:00.000Z",
          "ID": "CVE-2022-32153",
          "STATE": "PUBLIC",
          "TITLE": "Splunk Enterprise lacked TLS host name validation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Splunk Enterprise",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Splunk Cloud Platform",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.2",
                            "version_value": "8.2.2203"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Splunk, Inc"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Chris Green at Splunk"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configured properly with valid certificates were not vulnerable. However, an attacker with administrator credentials could add a peer without a valid certificate and connections from misconfigured nodes without valid certificates did not fail by default. For Splunk Enterprise, update to Splunk Enterprise version 9.0 and Configure TLS host name validation for Splunk-to-Splunk communications (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation) to enable the remediation."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-297 Improper Validation of Certificate with Host Mismatch"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation",
              "refsource": "CONFIRM",
              "url": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation"
            },
            {
              "name": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Updates",
              "refsource": "CONFIRM",
              "url": "https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Updates"
            },
            {
              "name": "https://research.splunk.com/application/splunk_digital_certificates_infrastructure_version/",
              "refsource": "CONFIRM",
              "url": "https://research.splunk.com/application/splunk_digital_certificates_infrastructure_version/"
            },
            {
              "name": "https://research.splunk.com/application/splunk_digital_certificates_lack_of_encryption/",
              "refsource": "CONFIRM",
              "url": "https://research.splunk.com/application/splunk_digital_certificates_lack_of_encryption/"
            },
            {
              "name": "https://research.splunk.com/application/splunk_protocol_impersonation_weak_encryption_selfsigned/",
              "refsource": "CONFIRM",
              "url": "https://research.splunk.com/application/splunk_protocol_impersonation_weak_encryption_selfsigned/"
            },
            {
              "name": "https://research.splunk.com/network/splunk_identified_ssl_tls_certificates/",
              "refsource": "CONFIRM",
              "url": "https://research.splunk.com/network/splunk_identified_ssl_tls_certificates/"
            },
            {
              "name": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0603.html",
              "refsource": "CONFIRM",
              "url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0603.html"
            }
          ]
        },
        "source": {
          "advisory": "SVD-2022-0603",
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469",
    "assignerShortName": "Splunk",
    "cveId": "CVE-2022-32153",
    "datePublished": "2022-06-15T16:48:21.566Z",
    "dateReserved": "2022-05-31T00:00:00.000Z",
    "dateUpdated": "2024-09-16T16:43:11.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design

Fully check the hostname of the certificate and provide the user with adequate information about the nature of the problem and how to proceed.

Mitigation
Implementation

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

No CAPEC attack patterns related to this CWE.