漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Gotham Chat IRC help does not validate hostnames in TLS certificates
Vulnerability Description
Improper Validation of Certificate with Host Mismatch vulnerability in Gotham Chat IRC helper of Palantir Gotham allows A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. This issue affects: Palantir Palantir Gotham Chat IRC helper versions prior to 30221005.210011.9242.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
对宿主不匹配的证书验证不恰当
Vulnerability Title
Palantir 信任管理问题漏洞
Vulnerability Description
Palantir是美国Palantir公司的一个数据平台,通过消除后端数据管理和前端数据分析之间的障碍来重新构想人们如何使用数据。 Palantir Gotham Chat IRC 30221005.210011.9242之前版本存在安全漏洞,该漏洞源于未验证 TLS 证书中的主机名。攻击者利用该漏洞执行中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A