Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:NEset Endpoint Antivirus
APPEset≥ 10.0Eset Endpoint Security
APPEsetwszystkie wersjeEset File Security
APPEsetwszystkie wersjeEset Internet Security
APPEsetwszystkie wersjeEset Mail Security
APPEsetwszystkie wersjeEset Nod32 Antivirus
APPEsetwszystkie wersjeEset Security
APPEsetwszystkie wersjeEset Server Security
APPEset≥ 10.1Eset Smart Security
APPEsetwszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Related vulnerabilities
CVE-2020-10180CRITICAL9.8ten sam produkt
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This ...
CVE-2024-0353HIGH7.8ten sam produkt
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to d...
CVE-2023-3160HIGH7.8ten sam produkt
The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to...
CVE-2023-2847HIGH7.8ten sam produkt
During internal security analysis, a local privilege escalation vulnerability has been identified. On a machi...
CVE-2021-37851HIGH7.3ten sam produkt
Local privilege escalation in Windows products of ESET allows user who is logged into the system to exploit re...