CVE-2024-8287 - "Anbox Management Service TLS Certificate Validation Bypass"

2 months ago 34
ARTICLE AD BOX
CVE ID : CVE-2024-8287
Published : Sept. 18, 2024, 7:15 p.m. | 24 minutes ago
Description : Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article