TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature.
References
Link | Resource |
---|---|
https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/security-impact-https-interception/ | Technical Description |
https://jhalderm.com/pub/papers/interception-ndss17.pdf | Technical Description |
http://dx.doi.org/10.14722/ndss.2017.23456 | Technical Description |
Configurations
Information
Published : 2018-03-11 21:29
Updated : 2018-04-12 04:27
NVD link : CVE-2017-18227
Mitre link : CVE-2017-18227
JSON object : View
CWE
CWE-295
Improper Certificate Validation
Products Affected
titanhq
- webtitan_gateway