cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-28872,https://securityvulnerability.io/vulnerability/CVE-2024-28872,"Stork TLS Certificate Validation Code Flawed, Leading to Potential Data Loss and Denial of Service","The Stork management tool by ISC has a vulnerability in its TLS certificate validation process, which could be exploited by attackers. By obtaining a TLS certificate from the Stork server, an attacker can establish a connection with the Stork agent. This allows the attacker to send malicious commands to services monitored by Stork, such as Kea or BIND 9. The potential repercussions include unauthorized access to sensitive data and service disruption. It's crucial to note that the issue lies specifically with the Stork tool and does not directly affect Kea or BIND 9.",Isc,Stork,8.1,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2024-07-11T14:49:12.156Z,0