A vulnerability has been discovered in Bitdefender Total...
High severity
Unreviewed
Published
Oct 18, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Oct 18, 2024
Published to the GitHub Advisory Database
Oct 18, 2024
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to establish MITM SSL connections to arbitrary sites.
References