AI Score
Confidence
High
EPSS
Percentile
43.9%
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust.
github.com/osquery/osquery/pull/6197
www.facebook.com/security/advisories/cve-2020-1887