Today > 2 Critical | 2 High | 8 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-38861

Sept. 30, 2024, 12:46 p.m.

Product(s) Impacted

MikroTik

  • 2.0.0 - 2.5.5
  • 0.4a_mk - 2.0a

Description

Improper Certificate Validation in Checkmk Exchange plugin MikroTik allows attackers in MitM position to intercept traffic. This issue affects MikroTik: from 2.0.0 through 2.5.5, from 0.4a_mk through 2.0a.

Weaknesses

CWE-295
Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

CWE ID: 295

Date

Published: Sept. 27, 2024, 9:15 a.m.

Last Modified: Sept. 30, 2024, 12:46 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@checkmk.com

References

https://exchange.checkmk.com/ security@checkmk.com