CVE-2022-21170

LOW Year: 2022
CVSS v3 Score
3.7
Low
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-295
View all →

Vulnerability Description

Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.

Related Vulnerabilities

CVE-2016-1000033

LOW
CVSS:3.7(Low)

Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks.

CWE-2952016

CVE-2016-9015

LOW
CVSS:3.7(Low)

Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the li...

CWE-2952016

CVE-2017-15528

LOW
CVSS:3.7(Low)

Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the pub...

CWE-2952017

CVE-2019-4150

LOW
CVSS:3.7(Low)

IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) a...

CWE-2952019

CVE-2019-4654

LOW
CVSS:3.7(Low)

IBM QRadar 7.3.0 to 7.3.3 Patch 2 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-F...

CWE-2952019

CVE-2020-9488

LOW
CVSS:3.7(Low)

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messa...

CWE-2952020