Intelligence Center » Browse All Vulnerabilities » CVE-2012-5814
Overview |
|
| Vulnerability Score |  5.8 |
| CVE Id | CVE-2012-5814 |
| Last Modified | 07 Feb 2013 12:01:51 |
| Published | 04 Nov 2012 05:55:04 |
| Confidentiality Impact | PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact |  NONE |
| Access Vector | NETWORK |
| Access Complexity | MEDIUM |
| Authentication | NONE |
CVE-2012-5814
Summary
Weberknecht, as used in GitHub Gaug.es and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Vulnerable Systems
Application
Github Gaug.es -
Roderick Baier Weberknecht -
References
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:47:18
