1 results (0.011 seconds)

CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0

Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a crafted certificate. Palo Alto Networks GlobalProtect anterior a 1.1.7 y NetConnect, no verifican los certificados X.509 desde los servidores SSL, lo que permite a atacantes man-in-the-middle suplantar a servidores y obtener información sensible a través de un certificado manipulado. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0100.html https://security.paloaltonetworks.com/CVE-2012-6606 • CWE-310: Cryptographic Issues •