Vulnerability identifier: #VU84650
Vulnerability risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-295
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
NOD32
Other software /
Other software solutions
ESET Internet Security
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET Smart Security Premium
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET Endpoint Antivirus for Windows
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET Endpoint Security for Windows
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET Security Ultimate
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET Endpoint Antivirus for Linux
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET File Security for Microsoft Azure
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET Server Security for Linux
Client/Desktop applications /
Antivirus software/Personal firewalls
ESET Server Security for Microsoft Windows Server
Server applications /
Server solutions for antivurus protection
ESET Mail Security for Microsoft Exchange Server
Server applications /
Server solutions for antivurus protection
ESET Mail Security for IBM Domino
Server applications /
Server solutions for antivurus protection
ESET Security for Microsoft SharePoint Server
Server applications /
Server solutions for antivurus protection
Vendor: Eset
Description
The vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to improper validation of the server’s certificate chain in the SSL/TLS protocol scanning feature. An intermediate certificate signed using the MD5 or SHA1 algorithm was considered trusted, and thus the browser on a system with the ESET secure traffic scanning feature enabled could be caused to trust a site secured with such a certificate.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
NOD32: All versions
ESET Internet Security: All versions
ESET Smart Security Premium: All versions
ESET Endpoint Antivirus for Windows: All versions
ESET Endpoint Security for Windows: All versions
ESET Server Security for Microsoft Windows Server: All versions
ESET Mail Security for Microsoft Exchange Server: All versions
ESET Mail Security for IBM Domino: All versions
ESET Security for Microsoft SharePoint Server: All versions
ESET Security Ultimate: All versions
ESET Endpoint Antivirus for Linux: All versions
ESET File Security for Microsoft Azure: All versions
ESET Server Security for Linux: All versions
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.