Unverified Certificate Vulnerability in Lynx

Unverified Certificate Vulnerability in Lynx

CVE-2012-5821 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a certain GnuTLS function.

Learn more about our Cis Benchmark Audit For Server Software.