Komodia SSL Digestor SDK MitM (Detected via HTTP Request)

medium Nessus Network Monitor Plugin ID 8930


The remote host is affected by a man-in-the-middle vulnerability.


The remote host has an application installed (such as Superfish) that uses the Komodia SSL Digestor SDK. This SDK is used to perform MitM attacks on all HTTPS connections. This is accomplished by installing a root CA certificate associated with the SDK into the Windows trusted system certificate store. The private keys for many of these root CAs are publicly known. Furthermore, this SDK is insecurely implemented and will report websites that use specially crafted self-signed certificates as trusted to the user.

A MitM attacker can exploit this vulnerability by reading and/or modifying communications encrypted via HTTPS without the user's knowledge.


If Superfish is installed, uninstall the application and related root CA certificate using the instructions provided by Lenovo.\n\nOtherwise, contact the vendor for information on how to uninstall the application and bundled root CA certificate.

See Also







Plugin Details

Severity: Medium

ID: 8930

Family: Policy

Published: 3/1/2015

Updated: 3/6/2019

Nessus ID: 81425

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.4

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:U/RC:ND

CVSS v3.0

Base Score: 6.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:X/RL:U/RC:X

Vulnerability Information

CPE: cpe:2.3:a:komodia:digestor:*:*:*:*:*:*:*:*

Patch Publication Date: 2/20/2015

Vulnerability Publication Date: 9/21/2014

Reference Information

CVE: CVE-2015-2077, CVE-2015-2078

BID: 72693