Vulnerability Details CVE-2022-21170
Improper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.4%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.3
References
- https://download.daj.co.jp/user/dspa/V3/
- https://download.daj.co.jp/user/dspa/V4/
- https://download.daj.co.jp/user/ifb/
- https://download.daj.co.jp/user/ifilter/V10/
- https://download.daj.co.jp/user/ifilter/V9/
- https://jvn.jp/en/jp/JVN33214411/index.html
- https://download.daj.co.jp/user/dspa/V3/
- https://download.daj.co.jp/user/dspa/V4/
- https://download.daj.co.jp/user/ifb/
- https://download.daj.co.jp/user/ifilter/V10/
- https://download.daj.co.jp/user/ifilter/V9/
- https://jvn.jp/en/jp/JVN33214411/index.html
Products affected by CVE-2022-21170
-
cpe:2.3:a:daj:i-filter:-
-
cpe:2.3:a:daj:i-filter:10.0
-
cpe:2.3:a:daj:i-filter:10.45r01
-
cpe:2.3:a:daj:i-filter:9.50r05
-
cpe:2.3:a:daj:i-filter:9.50r10
-
cpe:2.3:a:daj:i-filter_browser_&_cloud_multiagent:-
-
cpe:2.3:a:daj:i-filter_browser_&_cloud_multiagent:4.93r04
-
cpe:2.3:h:daj:dspa-15000_m5:3
-
cpe:2.3:h:daj:dspa-15000_m5:4
-
cpe:2.3:h:daj:dspa-2000_m4:4
-
cpe:2.3:h:daj:dspa-4000_m4:4
-
cpe:2.3:h:daj:dspa-7000_m5:3
-
cpe:2.3:h:daj:dspa-7000_m5:4