Description

Ecosystem Agent version 4 < 4.1.5.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position.

INFO

Published Date :

2024-08-08T22:04:11.534Z

Last Modified :

2025-01-07T19:48:40.594Z

Source :

N-able
AFFECTED PRODUCTS

The following products are affected by CVE-2024-5445 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-5445.

URL Resource
https://me.n-able.com/s/article/How-to-check-Ecosystem-Agent-Version-in-N-sight cve-icon cve-icon
https://me.n-able.com/s/article/How-to-check-Ecosystem-Agent-version-in-N-central cve-icon cve-icon
https://me.n-able.com/s/security-advisory/aArVy0000000BhpKAE/cve20245445-ecosystem-agent-insufficient-transport-layer-security cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact