Unverified X.509 Certificates in NTV News24 Ver.3.0.0 Vulnerability

Unverified X.509 Certificates in NTV News24 Ver.3.0.0 Vulnerability

CVE-2019-6032 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Learn more about our Cis Benchmark Audit For Server Software.