Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information. This is exploitable by man-in-the-middle attackers. In several subsystems, SSL/TLS was used to establish connections to external services without proper validation of hostname and certificate authority. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.Īn attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application.Īn issue was discovered in Zammad before 6.2.0. A vulnerability was found in systemd-resolved.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |