High severity7.5NVD Advisory· Published Sep 18, 2024· Updated Jun 17, 2026
CVE-2024-8287
CVE-2024-8287
Description
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbox Stream Agent from within an internal network before they can attempt to take advantage of this.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 1.17.0 - 1.23.0
- Canonical Ltd./Anbox Cloudv5Range: 1.17.0
Patches
Vulnerability mechanics
References
3- bugs.launchpad.net/anbox-cloud/+bug/2077570nvdVendor Advisory
- www.cve.org/CVERecordnvdThird Party Advisory
- discourse.ubuntu.com/t/anbox-cloud-1-23-1-has-been-released/48141nvdRelease Notes
News mentions
0No linked articles in our index yet.