CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6056

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to establish MITM SSL connections to arbitrary sites.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.0%

CVSS Severity

CVSS v3 Score 7.4

References

https://www.bitdefender.com/support/security-advisories/insecure-trust-of-self-signed-certificates-in-bitdefender-total-security-https-scanning-va-11164/

Products affected by CVE-2023-6056

Bitdefender » Total Security » Version: N/A

cpe:2.3:a:bitdefender:total_security:-
Bitdefender » Total Security » Version: 12.0

cpe:2.3:a:bitdefender:total_security:12.0
Bitdefender » Total Security » Version: 21.0.24.62

cpe:2.3:a:bitdefender:total_security:21.0.24.62
Bitdefender » Total Security » Version: 23.0.24.120

cpe:2.3:a:bitdefender:total_security:23.0.24.120
Bitdefender » Total Security » Version: 24.0.26.136

cpe:2.3:a:bitdefender:total_security:24.0.26.136
Bitdefender » Total Security » Version: 25.0.7.29

cpe:2.3:a:bitdefender:total_security:25.0.7.29
Bitdefender » Total Security » Version: 26.0.10.45

cpe:2.3:a:bitdefender:total_security:26.0.10.45
Bitdefender » Total Security » Version: 26.0.3.29

cpe:2.3:a:bitdefender:total_security:26.0.3.29
Bitdefender » Total Security » Version: 7.2.1.65

cpe:2.3:a:bitdefender:total_security:7.2.1.65

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6056

Products

Pricing

Contact Us