CVE-2020-5684
N/A
N/A
Summary
iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NEC Corporation | Management software for NEC Storage disk array system | iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express | affected |
Weaknesses
- Improper server certificate verification
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.