← Back to CVE List

CVE-2020-15526

Published: 2020-07-09T17:15Z
Last Modified: 2024-11-21T05:05Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifications pages to disable certificate checking for alert notifications. These TLS security checks are also ignored during monitoring of VMware machines. This would make SQL Monitor vulnerable to potential man-in-the-middle attacks when sending alert notification emails, posting to Slack or posting to webhooks. The vulnerability is fixed in version 10.1.7. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt