CVE Vulnerabilities

CVE-2024-31854

Improper Certificate Validation

Published: Jul 08, 2025 | Modified: Jul 08, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application doesnt check devices certificate common name against an expected value. This could allow an attacker to execute an on-path network (MitM) attack.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Potential Mitigations

References