Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender Internet Security versions prior to 25.0.7.29. Bitdefender Antivirus Plus versions prior to 25.0.7.29.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:06
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.bitdefender.com/support/security-advisories/improper-certificate-validation-bitdefender-total-security-va-8957 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 6.5 |
29 Jun 2021, 13:48
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
References | (MISC) https://www.bitdefender.com/support/security-advisories/improper-certificate-validation-bitdefender-total-security-va-8957 - Vendor Advisory | |
CPE | cpe:2.3:a:bitdefender:total_security:*:*:*:*:*:*:*:* cpe:2.3:a:bitdefender:antivirus_plus:*:*:*:*:*:*:*:* cpe:2.3:a:bitdefender:internet_security:*:*:*:*:*:*:*:* |
|
CWE | CWE-295 |
22 Jun 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-22 15:15
Updated : 2024-11-21 05:06
NVD link : CVE-2020-15732
Mitre link : CVE-2020-15732
CVE.ORG link : CVE-2020-15732
JSON object : View
Products Affected
bitdefender
- antivirus_plus
- total_security
- internet_security
CWE
CWE-295
Improper Certificate Validation