SSL/TLS Certificate Validation Vulnerability in Satellite 5

SSL/TLS Certificate Validation Vulnerability in Satellite 5

CVE-2017-7513 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.