[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-90814-5

Platform: cpe:/o:centos:centos:7, cpe:/o:redhat:enterprise_linux:7Date: (C)2017-06-29   (M)2023-07-04



This option tells Dovecot where to find the the mail server's SSL Key. Edit '/etc/dovecot/conf.d/10-ssl.conf' and add or correct the following line (


Parameter:

[Dovecot_ssl_key_path]


Technical Mechanism:

SSL certificates are used by the client to authenticate the identity of the server, as well as to encrypt credentials and message traffic. Not using SSL to encrypt mail server traffic could allow unauthorized access to credentials and mail messages since they are sent in plain text over the network.

CCSS Severity:CCSS Metrics:
CCSS Score : 4.3Attack Vector: ADJACENT_NETWORK
Exploit Score: 2.8Attack Complexity: LOW
Impact Score: 1.4Privileges Required: NONE
Severity: MEDIUMUser Interaction: NONE
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NScope: UNCHANGED
 Confidentiality: LOW
 Integrity: NONE
 Availability: NONE
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:31219
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:30496


OVAL    2
oval:org.secpod.oval:def:31219
oval:org.secpod.oval:def:30496
XCCDF    2
xccdf_org.secpod_benchmark_general_CENTOS_7
xccdf_org.secpod_benchmark_general_RHEL_7

© SecPod Technologies