The host is installed with OpenSSL 1.1.1h through 1.1.1j and is prone to a security bypass vulnerability. A flaw is present in the application which fails to properly handle the check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters. Successful exploitation allows an attacker to bypass the check that non-CA certificates must not be able to issue other certificates.