Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked.
References
Link | Resource |
---|---|
https://docs.pexip.com/admin/security_bulletins.htm | Vendor Advisory |
Configurations
History
02 Mar 2022, 18:44
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-295 | |
References | (MISC) https://docs.pexip.com/admin/security_bulletins.htm - Vendor Advisory | |
CPE | cpe:2.3:a:pexip:infinity_connect:*:*:*:*:*:*:*:* |
18 Feb 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-18 22:15
Updated : 2024-02-04 22:29
NVD link : CVE-2021-29656
Mitre link : CVE-2021-29656
CVE.ORG link : CVE-2021-29656
JSON object : View
Products Affected
pexip
- infinity_connect
CWE
CWE-295
Improper Certificate Validation