1 results (0.001 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0
CVE-2017-3218
https://notcve.org/view.php?id=CVE-2017-3218
Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates. Samsung Magician 5.0 no valida certificados TLS para el tráfico de actualización de software HTTPS. En versiones anteriores a la 5.0, Samsung Magician emplea HTTP para las actualizaciones de software. • http://www.securityfocus.com/bid/99081 https://www.kb.cert.org/vuls/id/846320 • CWE-295: Improper Certificate Validation CWE-311: Missing Encryption of Sensitive Data CWE-345: Insufficient Verification of Data Authenticity •