CVE-2020-15526 – In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS …

9 July 2020

Vuln ID: CVE-2020-15526

Published: 2020-07-09 17:15:12Z

Description: In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifications pages to disable certificate checking for alert notifications. These TLS security checks are also ignored during monitoring of VMware machines. This would make SQL Monitor vulnerable to potential man-in-the-middle attacks when sending alert notification emails, posting to Slack or posting to webhooks. The vulnerability is fixed in version 10.1.7.

Source: NVD.NIST.GOV

Date:

9 July 2020

Categorie(s):

NVD

Tag(s):

NVD

How two brothers allegedly swiped $25M in a 12-second Ethereum heist18 May 2024
How to revamp your cybersecurity in the middle of the chaos18 May 2024
Leveling the cybersecurity playing field18 May 2024
Automated pentesting in the cloud18 May 2024
Hardware cybersecurity leader, Flexxon, introduces Server Defender18 May 2024