Open get-famed[bot] opened 1 year ago
π€ Assignees for issue Found an insecure gRPC server without 'grpc.Creds()' or options with credentials. This allows for a connection without encryption to this server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Include credentials derived from an SSL certificate in order to create a secure gRPC connection. You can create credentials using 'credentials.NewServerTLSFromFile("cert.pem", "cert.key")'. #17 are now eligible to Get Famed.
β Add assignees to track contribution times of the issue π¦ΈββοΈπ¦ΉοΈ β Add a single severity (CVSS) label to compute the score π·οΈοΈ
Happy hacking! π¦Ύπβ€οΈοΈ
π¦ΈββοΈ Famed Scanner
π Description
Found an insecure gRPC server without 'grpc.Creds()' or options with credentials. This allows for a connection without encryption to this server. A malicious attacker could tamper with the gRPC message, which could compromise the machine. Include credentials derived from an SSL certificate in order to create a secure gRPC connection. You can create credentials using 'credentials.NewServerTLSFromFile("cert.pem", "cert.key")'.
π Related files
grpc_server.go
This issue was created by famed π€