Certificate Revocation Check Bypass Vulnerability in i-FILTER and D-SPA

Certificate Revocation Check Bypass Vulnerability in i-FILTER and D-SPA

CVE-2022-21170 · LOW Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.

Learn more about our Cloud Audit.