CVE-2022-29082
26.05.2022, 16:15
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates.Enginsight
| Vendor | Product | Version |
|---|---|---|
| dell | emc_networker | 19.1.1.0 ≤ 𝑥 < 19.5.0.7 |
| dell | emc_networker | 19.6.0 ≤ 𝑥 < 19.6.0.3 |
| dell | emc_networker | 19.6.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-297 - Improper Validation of Certificate with Host MismatchThe software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.
- CWE-295 - Improper Certificate ValidationThe software does not validate, or incorrectly validates, a certificate.