CVE-2024-39771 Information

Description

QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack.

Reference

https://safie.jp/information/post_6933/ https://jvn.jp/en/jp/JVN83440451/