QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-5594

Back to search

CVE-2023-5594

Published: Dec 21, 2023

Modified: Aug 2, 2024

PUBLISHED

CVSS v3.1

7.5

HIGH

Description

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.

VendorProductVersions

ESET, spol. s r.o.

ESET NOD32 Antivirus

unaffected
1464

ESET, spol. s r.o.

ESET Internet Security

unaffected
1464

ESET, spol. s r.o.

ESET Smart Security Premium

unaffected
1464

ESET, spol. s r.o.

ESET Security Ultimate

unaffected
1464

ESET, spol. s r.o.

ESET Endpoint Antivirus

unaffected
1464

ESET, spol. s r.o.

ESET Endpoint Security

unaffected
1464

ESET, spol. s r.o.

ESET Endpoint Antivirus for Linux 10.0 and above

unaffected
1464

ESET, spol. s r.o.

ESET Server Security for Windows Server

unaffected
1464

ESET, spol. s r.o.

ESET Mail Security for Microsoft Exchange Server

unaffected
1464

ESET, spol. s r.o.

ESET Mail Security for IBM Domino

unaffected
1464

ESET, spol. s r.o.

ESET Security for Microsoft SharePoint Server

unaffected
1464

ESET, spol. s r.o.

ESET File Security for Microsoft Azure

unaffected
1464

ESET, spol. s r.o.

ESET Server Security for Linux 10.1 and above

unaffected
1464

Weaknesses (CWE)

CWE-295

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

Low

Availability

None

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now