CVE-2020-12143

Name of the Vulnerable Software and Affected Versions Orchestrator (affected versions not specified)

Description The issue arises from the lack of validation of the certificate used to identify Orchestrator to EdgeConnect devices. This oversight allows an attacker to establish a TLS connection from EdgeConnect to an untrusted Orchestrator, potentially compromising the security of the connection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.