KLA10396
SB vulnerability in WinSCP
Updated: 03/07/2019
Detect date
?
04/22/2014
Severity
?
High
Description

A lack of hostname verifications was found in the WinSCP. By exploiting this vulnerability malicious users can spoof the SSL server. This vulnerability can be exploited remotely via a man-in-the-middle attack.

Affected products

WinSCP versions 5.5.2 and earlier

Solution

Update to latest version

Impacts
?
SB 
[?]
Related products
WinSCP
CVE-IDS
?