[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92231-0

Platform: cpe:/o:amazon:linux:2Date: (C)2018-10-29   (M)2023-07-04



This option tells Dovecot where to find the the mail server's SSL Certificate. Edit '/etc/dovecot/conf.d/10-ssl.conf' and add or correct the following line (


Parameter:

[ssl_cert_path]


Technical Mechanism:

SSL certificates are used by the client to authenticate the identity of the server, as well as to encrypt credentials and message traffic. Not using SSL to encrypt mail server traffic could allow unauthorized access to credentials and mail messages since they are sent in plain text over the network.

CCSS Severity:CCSS Metrics:
CCSS Score : 4.3Attack Vector: ADJACENT_NETWORK
Exploit Score: 2.8Attack Complexity: LOW
Impact Score: 1.4Privileges Required: NONE
Severity: MEDIUMUser Interaction: NONE
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NScope: UNCHANGED
 Confidentiality: LOW
 Integrity: NONE
 Availability: NONE
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:48732
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:48418


OVAL    2
oval:org.secpod.oval:def:48418
oval:org.secpod.oval:def:48732
XCCDF    2
xccdf_org.secpod_benchmark_general_Amazon_Linux_AMI
xccdf_org.secpod_benchmark_general_Amazon_Linux_2

© SecPod Technologies