CVE-2022-29082
26.05.2022, 16:15
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| dell | emc_networker | 19.1.1.0 ≤ 𝑥 < 19.5.0.7 |
| dell | emc_networker | 19.6.0 ≤ 𝑥 < 19.6.0.3 |
| dell | emc_networker | 19.6.1 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| dell | networker | 𝑥 < 19.6.0.3 | CNA |
Common Weakness Enumeration
- CWE-297 - Improper Validation of Certificate with Host MismatchThe software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.
- CWE-295 - Improper Certificate ValidationThe software does not validate, or incorrectly validates, a certificate.