CVE-2023-37920

Published: Jul 25, 2023Modified: Feb 13, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.

Affected (9)

Products: Certifi: Certifi · Fedoraproject: Fedora · Netapp: Active Iq Unified Manager, Management Services For Element Software, Management Services For Netapp Hci, Ontap Mediator, Ontap Select Deploy Administration Utility, Solidfire & Hci Storage Node

1 product

1 product

6 products

Active Iq Unified Manager

Management Services For Element Software

Management Services For Netapp Hci

Ontap Mediator

Ontap Select Deploy Administration Utility

Solidfire & Hci Storage Node

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Certifi Certifi	From 2015.4.28 to 2023.7.22

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 38

Configuration C

7 vulnerable

Vulnerable Software	Affected Versions
Netapp Active Iq Unified Manager	All versions
Netapp Active Iq Unified Manager	All versions
Netapp Management Services For Element Software	All versions
Netapp Management Services For Netapp Hci	All versions
Netapp Ontap Mediator	All versions
Netapp Ontap Select Deploy Administration Utility	All versions
Netapp Solidfire & Hci Storage Node	All versions