CVEbaza.plSłownik CWECWE-300
Common Weakness Enumeration

CWE-300

Channel Accessible by Non-Endpoint

Kategoria: ClassCVE: 54
Opis

Produkt nie weryfikuje w wystarczający sposób tożsamości uczestników na obu końcach kanału komunikacyjnego lub nie zapewnia adekwatnie integralności kanału, co umożliwia dostęp do niego lub wpływ na niego podmiotowi, który nie jest punktem końcowym. Luka ta pozwala nieuprawnionym aktorom na przechwycenie, modyfikację lub przejęcie kontroli nad kanałem komunikacyjnym.

Description (EN)

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

Podatności CVE z CWE-300 (54)
9.8
CVSS
CRITICAL
CVE-2019-3793

Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions 667.0.x prior to 667.0.7, contain an invitation service that accepts HTTP. A remote unauthenticated user could listen to network traffic and gain access to the authorization credentials used to make the invitation requests.

pub. 2019-04-24
9.8
CVSS
CRITICAL
CVE-2017-7480

rkhunter versions before 1.4.4 are vulnerable to file download over insecure channel when doing mirror update resulting into potential remote code execution.

pub. 2017-07-21
9.8
CVSS
CRITICAL
CVE-2009-3555

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.

pub. 2009-11-09
9.3
CVSS
CRITICAL
CVE-2025-54792

W aplikacji LocalSend w wersjach 1.16.1 i wcześniejszych istnieje krytyczna podatność Man-in-the-Middle (MitM) w protokole odkrywania urządzeń w sieci lokalnej. Nieuwierzytelniony atakujący w tej samej sieci może podszywać się pod zaufane urządzenia, przechwytując i modyfikując przesyłane pliki bez wiedzy ofiary.

pub. 2025-08-01
8.3
CVSS
HIGH
CVE-2023-31004

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. IBM X-Force ID: 254765.

pub. 2024-02-03
8.2
CVSS
HIGH
CVE-2024-31206

dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In `dectalk-tts@1.0.0`, network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers. Anyone who uses the package could be the victim of a man-in-the-middle (MITM) attack. The network request was upgraded to HTTPS in version `1.0.1`. There are no workarounds, but some precautions include not sending any sensitive information and carefully verifying the API response before saving it.

pub. 2024-04-04
8.1
CVSS
HIGH
CVE-2025-31214

This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker in a privileged network position may be able to intercept network traffic.

pub. 2025-05-12
8.1
CVSS
HIGH
CVE-2024-36553

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to MITM attack.

pub. 2025-02-06
8.1
CVSS
HIGH
CVE-2021-21953

An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges.

pub. 2021-12-22
8.1
CVSS
HIGH
CVE-2021-41033

In all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installation can be vulnerable to man-in-the-middle attack if using p2 repos that are HTTP; that can then be exploited to serve incorrect p2 metadata and entirely alter the local installation, particularly by installing plug-ins that may then run malicious code.

pub. 2021-09-13
8.1
CVSS
HIGH
CVE-2019-5456

SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later.

pub. 2019-07-30
7.8
CVSS
HIGH
CVE-2025-20122

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system. This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.

pub. 2025-05-07
7.8
CVSS
HIGH
CVE-2023-32634

An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability.

pub. 2023-10-12
7.5
CVSS
HIGH
CVE-2025-63363

A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows attackers to execute de-authentication attacks, allowing crafted deauthentication and disassociation frames to be broadcast without authentication or encryption.

pub. 2025-12-04
7.5
CVSS
HIGH
CVE-2025-40770

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks.

pub. 2025-08-12
7.5
CVSS
HIGH
CVE-2021-32926

When an authenticated password change request takes place, this vulnerability could allow the attacker to intercept the message that includes the legitimate, new password hash and replace it with an illegitimate hash. The user would no longer be able to authenticate to the controller (Micro800: All versions, MicroLogix 1400: Version 21 and later) causing a denial-of-service condition

pub. 2021-06-03
7.5
CVSS
HIGH
CVE-2021-22909

A vulnerability found in EdgeMAX EdgeRouter V2.0.9 and earlier could allow a malicious actor to execute a man-in-the-middle (MitM) attack during a firmware update. This vulnerability is fixed in EdgeMAX EdgeRouter V2.0.9-hotfix.1 and later.

pub. 2021-05-27
7.4
CVSS
HIGH
CVE-2024-32049

BIG-IP Next Central Manager (CM) may allow an unauthenticated, remote attacker to obtain the BIG-IP Next LTM/WAF instance credentials.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

pub. 2024-05-08
7.4
CVSS
HIGH
CVE-2019-14899

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.

pub. 2019-12-11
7.4
CVSS
HIGH
CVE-2017-12151

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack.

pub. 2018-07-27
Pokazano 20 z 54 podatności
Informacje
ID: CWE-300
Typ: Class
Podatności: 54
MITRE CWE ↗
← Słownik CWE