Main Vulnerability Database SB2020072406

SB2020072406 - Usage of weak encryption in Mumble

Published: July 24, 2020

Security Bulletin ID SB2020072406

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Description

This security bulletin contains information about 1 security vulnerability.

1) Cryptographic issues (CVE-ID: N/A)

The vulnerability allows a remote attacker to preform MitM attack.

The vulnerability exists due to usage of photographically weak OCB2 encryption. A remote attacker can intercept data and decrypt it.

Install update from vendor's website.