← voltar
CVE-2022-2996

CVE-2022-2996

EPSS 0.5%CWE-295
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 set 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.
Produtos afetados
n/a · python-scciclient

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://lists.debian.org/debian-lts-announce/2022/11/msg00006.htmlhttps://opendev.org/x/python-scciclient/commit/274dca0344b65b4ac113d3271d21c17e970a636c