CVE-2021-45035

Velneo vClient on its 28.1.3 version, does not correctly check the certificate of authenticity by default. This could allow an attacker that has access to the network to perform a MITM attack in order to obtain the user´s credentials.

Date published : 2022-09-23

https://velneo.es/publicacion-de-incidencia-de-seguridad-en-cve-cve-2021-45035/

https://www.incibe-cert.es/en/early-warning/security-advisories/velneo-vclient-improper-authentication