Lucene search
GoogleOSV:GHSA-QV6X-53JJ-VW59HistoryMay 21, 2024 - 9:30 p.m.
NASA AIT-Core uses unencrypted channels to exchange data over the network
2024-05-2121:30:27
Google
osv.dev
3
nasa
ait-core
unencrypted
data exchange
network security
man-in-the-middle
7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 High
AI Score
Confidence
High
0 Low
EPSS
Percentile
0.0%
NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack.
Related
github
github
NASA AIT-Core uses unencrypted channels to exchange data over the network
2024-05-21 21:30:27
veracode
veracode
Cleartext Transmission Of Sensitive Information
2024-05-24 08:46:47
vulnrichment
vulnrichment
CVE-2024-35061
1976-01-01 00:00:00
cvelist
cvelist
CVE-2024-35061
1976-01-01 00:00:00
nvd
nvd
CVE-2024-35061
2024-05-21 19:15:10
cve
cve
CVE-2024-35061
2024-05-21 19:15:10
7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.5 High
AI Score
Confidence
High
0 Low
EPSS
Percentile
0.0%
Related for OSV:GHSA-QV6X-53JJ-VW59