RSS   Vulnerabilities for 'Scalyr agent'   RSS

2020-08-27
 
CVE-2020-24715

CWE-295
 

 
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName.

 
 
CVE-2020-24714

CWE-295
 

 
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verify_hostname option.

 


Copyright 2024, cxsecurity.com

 

Back to Top