CVE-2022-21170
First published: Thu Mar 10 2022(Updated: )
Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Daj I-filter Browser \& Cloud Multiagent | <=4.93r04 | |
| Daj I-filter | <=9.50r10 | |
| Daj I-filter | >=10.0<=10.45r01 | |
| Daj Dspa-15000 M5 | =3 | |
| Daj Dspa-15000 M5 | =4 | |
| Daj Dspa-2000 M4 | =4 | |
| Daj Dspa-4000 M4 | =4 | |
| Daj Dspa-7000 M5 | =3 | |
| Daj Dspa-7000 M5 | =4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- vendor/daj
- canonical/daj i-filter browser \& cloud multiagent
- version/daj i-filter browser \& cloud multiagent/4.93r04
- canonical/daj i-filter
- version/daj i-filter/9.50r10
- version/daj i-filter/10.0
- version/daj i-filter/10.45r01
- canonical/daj dspa-15000 m5
- version/daj dspa-15000 m5/3
- version/daj dspa-15000 m5/4
- canonical/daj dspa-2000 m4
- version/daj dspa-2000 m4/4
- canonical/daj dspa-4000 m4
- version/daj dspa-4000 m4/4
- canonical/daj dspa-7000 m5
- version/daj dspa-7000 m5/3
- version/daj dspa-7000 m5/4