CVE-2026-53475

9.3 CRITICAL

A flaw was found in assisted-migration-agent

Published: 2026-06-10 · Last updated: 2026-06-10

Severity and scoring

CVSS: 9.3 CRITICAL
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
CWE: CWE-295

Description

A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security (TLS) connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials. This can lead to unauthorized access to vCenter.

Source: NVD

References

Related CVEs

Same CWE

CVE-2026-9758 — Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered tru... (7.3 HIGH)
CVE-2026-41714 — Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri("amqps://...") without also calling setUseSSL(... (4.0 MEDIUM)
CVE-2026-42769 — Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (... (5.3 MEDIUM)
CVE-2026-50752 — A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a... (7.4 HIGH)
CVE-2026-45745 — Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities (8.0 HIGH)