CVE-2023-5594

Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed	Vendor Advisory
https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:eset:endpoint_antivirus::::::linux::*
	cpe:2.3:a:eset:endpoint_antivirus:-:::::windows::
	cpe:2.3:a:eset:endpoint_security:-:::::windows::
	cpe:2.3:a:eset:file_security:-:::::azure::
	cpe:2.3:a:eset:internet_security:-:::::::*
	cpe:2.3:a:eset:mail_security:-:::::domino::
	cpe:2.3:a:eset:mail_security:-:::::exchange_server::
	cpe:2.3:a:eset:nod32_antivirus:-:::::::*
	cpe:2.3:a:eset:security:-:::::sharepoint_server::
	cpe:2.3:a:eset:security:-::::ultimate:::
	cpe:2.3:a:eset:server_security::::::linux::*
	cpe:2.3:a:eset:server_security:-:::::windows_server::
	cpe:2.3:a:eset:smart_security:-::::premium:::

History

No history.

Information

Published : 2023-12-21 12:15

Updated : 2024-11-21 08:42

NVD link : CVE-2023-5594

Mitre link : CVE-2023-5594

CVE.ORG link : CVE-2023-5594

JSON object : View

Products Affected

eset

file_security
smart_security
endpoint_antivirus
internet_security
mail_security
nod32_antivirus
server_security
security
endpoint_security

CWE

CWE-295

Improper Certificate Validation

{"id": "CVE-2023-5594", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@eset.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2023-12-21T12:15:08.293", "references": [{"url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed", "tags": ["Vendor Advisory"], "source": "security@eset.com"}, {"url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security@eset.com", "description": [{"lang": "en", "value": "CWE-295"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "Improper validation of the server\u2019s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted."}, {"lang": "es", "value": "La validaci\u00f3n incorrecta de la cadena de certificados del servidor en la funci\u00f3n de escaneo de tr\u00e1fico seguro consider\u00f3 que el certificado intermedio firmado utilizando el algoritmo MD5 o SHA1 era confiable."}], "lastModified": "2024-11-21T08:42:05.600", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "1B5C405E-3150-40F5-882D-C07A4955C996", "versionStartIncluding": "10.0"}, {"criteria": "cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "439FC2E0-2FE4-4916-8E2C-119450608680"}, {"criteria": "cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "99F0D178-E466-461D-B404-D2958D12B1A0"}, {"criteria": "cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*", "vulnerable": true, "matchCriteriaId": "207E6D02-A9FB-4B1F-ABEA-BEBDA67E31A4"}, {"criteria": "cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2CAD248-1F32-4459-A530-8706E334C67F"}, {"criteria": "cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*", "vulnerable": true, "matchCriteriaId": "5043B5B1-38B2-4621-B738-A79E5DF8D98E"}, {"criteria": "cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*", "vulnerable": true, "matchCriteriaId": "DE40A56E-EBC0-43C8-85FB-868802B4817F"}, {"criteria": "cpe:2.3:a:eset:nod32_antivirus:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6253FAFB-0AE6-494A-950D-EB0EB15E982C"}, {"criteria": "cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*", "vulnerable": true, "matchCriteriaId": "D6CCDFB5-D27D-40F5-9BFC-274DA84783E8"}, {"criteria": "cpe:2.3:a:eset:security:-:*:*:*:ultimate:*:*:*", "vulnerable": true, "matchCriteriaId": "F86A88FA-CAB9-4937-AE8D-4FA22EF4D380"}, {"criteria": "cpe:2.3:a:eset:server_security:*:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "90DDE40D-605C-4465-A647-D3BD14B13E46", "versionStartIncluding": "10.1"}, {"criteria": "cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*", "vulnerable": true, "matchCriteriaId": "74BC745B-A4C5-4EAE-B985-78FDA3C40516"}, {"criteria": "cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*", "vulnerable": true, "matchCriteriaId": "375F46B4-9FDF-48FB-935A-8BB6FEF5221A"}], "operator": "OR"}]}], "sourceIdentifier": "security@eset.com"}