Vulnerability Details CVE-2018-10377
PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.5%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2018-10377
-
cpe:2.3:a:portswigger:burp_suite:-
-
cpe:2.3:a:portswigger:burp_suite:1.0.14
-
cpe:2.3:a:portswigger:burp_suite:1.0.15
-
cpe:2.3:a:portswigger:burp_suite:1.0.16
-
cpe:2.3:a:portswigger:burp_suite:1.1
-
cpe:2.3:a:portswigger:burp_suite:1.1.01
-
cpe:2.3:a:portswigger:burp_suite:1.1.02
-
cpe:2.3:a:portswigger:burp_suite:1.1.03
-
cpe:2.3:a:portswigger:burp_suite:1.1.04
-
cpe:2.3:a:portswigger:burp_suite:1.7.14
-
cpe:2.3:a:portswigger:burp_suite:1.7.15
-
cpe:2.3:a:portswigger:burp_suite:1.7.16
-
cpe:2.3:a:portswigger:burp_suite:1.7.19
-
cpe:2.3:a:portswigger:burp_suite:1.7.20
-
cpe:2.3:a:portswigger:burp_suite:1.7.21
-
cpe:2.3:a:portswigger:burp_suite:1.7.22
-
cpe:2.3:a:portswigger:burp_suite:1.7.23
-
cpe:2.3:a:portswigger:burp_suite:1.7.24
-
cpe:2.3:a:portswigger:burp_suite:1.7.25
-
cpe:2.3:a:portswigger:burp_suite:1.7.26
-
cpe:2.3:a:portswigger:burp_suite:1.7.27
-
cpe:2.3:a:portswigger:burp_suite:1.7.28
-
cpe:2.3:a:portswigger:burp_suite:1.7.29
-
cpe:2.3:a:portswigger:burp_suite:1.7.30
-
cpe:2.3:a:portswigger:burp_suite:1.7.31
-
cpe:2.3:a:portswigger:burp_suite:1.7.32
-
cpe:2.3:a:portswigger:burp_suite:1.7.33