CVE-2022-29082

Published: May 26, 2022Modified: Nov 21, 2024

4.6

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Exploitability: 2.1 / Impact: 2.5

Source: NVD

Description

Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates.

Affected (3)

Products: Dell: Emc Networker

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Dell Emc Networker	From 19.1.1.0 to 19.5.0.7
Dell Emc Networker	From 19.6.0 to 19.6.0.3
Dell Emc Networker	Version 19.6.1

Related CWEs

Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

Improper Validation of Certificate with Host Mismatch

The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.

References (2)

https://www.dell.com/support/kbdoc/000198987

Source: security_alert@emc.com

Vendor Advisory

https://www.dell.com/support/kbdoc/000198987

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.