CVE-2023-34143

HIGH Year: 2023
CVSS v3 Score
8.1
High
Weakness Type
CWE-297
View all →

Vulnerability Description

Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.

Related Vulnerabilities

CVE-2018-10936

HIGH
CVSS:8.1(High)

A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could ...

CWE-2972018

CVE-2020-11050

HIGH
CVSS:8.1(High)

In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched i...

CWE-2972020

CVE-2022-32153

HIGH
CVSS:8.1(High)

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by defa...

CWE-2972022

CVE-2024-32868

HIGH
CVSS:8.1(High)

ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a `...

CWE-2972024

CVE-2024-49782

HIGH
CVSS:8.2(High)

IBM OpenPages with Watson 8.3 and 9.0 could allow a remote attacker to spoof mail server identity when using SSL/TLS security. An attacker could exploit this vulnerability to gain access to sensitive ...

CWE-2972024

CVE-2025-3501

HIGH
CVSS:8.2(High)

A flaw was found in Keycloak. By setting a verification policy to 'ALL', the trust store certificate verification is skipped, which is unintended.

CWE-2972025