CVE-2022-21170 Vulnerability Details

  /     /     /  

CVE-2022-21170 Metadata Quick Info

CVE Published: 07/03/2022 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: jpcert | Vendor: Digital Arts Inc. | Product: i-FILTER, i-FILTER Browser & Cloud MultiAgent for Windows, and D-SPA using i-FILTER
Status : PUBLISHED

---

CVE-2022-21170 Description

Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Improper check for certificate revocation
Source: Digital Arts Inc.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).