CVE-2020-15526

Name of the Vulnerable Software and Affected Versions Redgate SQL Monitor versions 7.1.4 through 10.1.6

Description The issue allows the scope for disabling some TLS security certificate checks to extend beyond the defined options, making the software vulnerable to potential man-in-the-middle attacks when sending alert notification emails, posting to Slack, or posting to webhooks. This affects the monitoring of VMware machines as well, where these TLS security checks are ignored.

Recommendations For versions 7.1.4 through 10.1.6, update to version 10.1.7 to resolve the issue.