Ecosystem Agent version 4 < 4.5.1.2597 and Ecosystem Agent version 5 < 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position.

Related CVEs

CVE-2024-5445

Key Information

GHSA ID

GHSA-frr6-4w4r-wrwv

Published

August 12, 2024 3:30 PM

Last Modified

August 12, 2024 3:30 PM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 23, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.