A flaw was found in the python-scciclient when making an HTTPS connection to a server where the servers certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.
The product does not validate, or incorrectly validates, a certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Python-scciclient | Python-scciclient_project | 0.11.0 (including) | 0.11.0 (including) |