Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ecosystem Agent Insufficient Transport Layer Security
Vulnerability Description
Ecosystem Agent version 4 < 4.1.5.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
证书验证不恰当
Vulnerability Title
N-able Ecosystem Agent 安全漏洞
Vulnerability Description
N-able Ecosystem Agent是加拿大N-able公司的一个代理系统。 N-able Ecosystem Agent存在安全漏洞,该漏洞源于没有正确验证SSL/TLS证书,可能允许恶意行为者执行中间人操作,并从特权网络位置拦截代理和N个服务器之间的流量。
CVSS Information
N/A
Vulnerability Type
N/A