CVE-2022-2996 – python-scciclient: missing server certificate verification

https://notcve.org/view.php?id=CVE-2022-2996

01 Sep 2022 — A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks. Se encontró un fallo en python-scciclient cuando es realizada una conexión HTTPS a un servidor en el que no es verificado el certificado del servidor. Este problema abre la conexión a posibles ataques de tipo Man-in-the-middle (MITM) An update for python-scciclient is now available for Red ... • https://lists.debian.org/debian-lts-announce/2022/11/msg00006.html • CWE-295: Improper Certificate Validation •