CVE-2020-24715

The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName.
References
Link Resource
https://scalyr-static.s3.amazonaws.com/technical-details/index.html Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:scalyr:scalyr_agent:*:*:*:*:*:*:*:*

Information

Published : 2020-08-27 10:15

Updated : 2020-09-03 03:44


NVD link : CVE-2020-24715

Mitre link : CVE-2020-24715

Products Affected
No products.
CWE
CWE-295

Improper Certificate Validation