CVE-2016-10560

Name of the Vulnerable Software and Affected Versions galenframework-cli versions prior to 2.3.1

Description The issue concerns the insecure download of binary resources over HTTP, making it susceptible to man-in-the-middle (MITM) attacks. If an attacker is positioned on the network or between the user and the remote server, they may be able to swap the requested binary with a malicious one, potentially leading to remote code execution (RCE) on the system running the affected software.

Recommendations Update to version 2.3.1 or later. As a temporary workaround, consider restricting network access to minimize the risk of exploitation until the update is applied.