CVE-2018-5408

CVE-2018-5408: PrinterLogic Print Management Software fails to validate the management portal SSL certificates

Vendor Printerlogic
Product Management Software
Weakness CWE-295
Published May 8, 2019
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. The software might connect to a malicious host while believing it is a trusted host, or the software might be deceived into accepting spoofed data that appears to originate from a trusted host.

Key dates

02Disclosure timeline

May 8, 2019 CVE published
August 5, 2024 Record updated