[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:2335-01 -- Redhat pki-core

ID: oval:org.secpod.oval:def:502113Date: (C)2017-08-04   (M)2023-12-20
Class: PATCHFamily: unix




Red Hat Certificate System is an enterprise software system designed to manage enterprise public key infrastructure deployments. PKI Core contains fundamental packages required by Red Hat Certificate System, which comprise the Certificate Authority subsystem. Security Fix: * It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. This issue was discovered by Christina Fu .

Platform:
Red Hat Enterprise Linux 7
Product:
pki
Reference:
RHSA-2017:2335-01
CVE-2017-7537
CVE    1
CVE-2017-7537
CPE    2
cpe:/a:pki-core:pki-core
cpe:/o:redhat:enterprise_linux:7

© SecPod Technologies