Vulnerability Description
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eset | Endpoint Antivirus | >= 10.0 |
| Eset | Endpoint Security | - |
| Eset | File Security | - |
| Eset | Internet Security | - |
| Eset | Mail Security | - |
| Eset | Nod32 Antivirus | - |
| Eset | Security | - |
| Eset | Server Security | >= 10.1 |
| Eset | Smart Security | - |
Related Weaknesses (CWE)
References
- https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-Vendor Advisory
- https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-Vendor Advisory
FAQ
What is CVE-2023-5594?
CVE-2023-5594 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
How severe is CVE-2023-5594?
CVE-2023-5594 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-5594?
Check the references section above for vendor advisories and patch information. Affected products include: Eset Endpoint Antivirus, Eset Endpoint Security, Eset File Security, Eset Internet Security, Eset Mail Security.