CVE Vulnerability

CVE-2022-29082

Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates.

4.9 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 6.8 / Impact : 4.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

Scope

4.6 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.dell.com/support/kbdoc/000198987 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:dell:emc_networker:19.6.1:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:emc_networker:*:*:*:*:*:*:*:*
Information

Published : 2022-05-26 04:15

Updated : 2022-06-08 03:25

NVD link : CVE-2022-29082

Mitre link : CVE-2022-29082

Products Affected
No products.
CWE
CWE-295

Improper Certificate Validation