8.1

CVE-2018-5761

A man-in-the-middle vulnerability related to vCenter access was found in Rubrik CDM 3.x and 4.x before 4.0.4-p2. This vulnerability might expose Rubrik user credentials configured to access vCenter as Rubrik clusters did not verify TLS certificates presented by vCenter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RubrikCdm Version <= 3.0.0
RubrikCdm Version >= 4.0.0 <= 4.0.4
RubrikCdm Version4.0.4 Updatep1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.55% 0.413
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.1 2.2 5.9
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

https://gist.github.com/srau/0ed7747953b3571247a6c485f91619ff
Third Party Advisory
https://support.rubrik.com/articles/How_To/000001135
Permissions Required