← Back

Jss Cryptomanager

jss_cryptomanager

Vendor: Jss Cryptomanager Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-14823
2Jss Cryptomanager Project
Redhat
8Enterprise Linux
Enterprise Linux DesktopEnterprise Linux Eus+5 more
Nov 21, 2024
Oct 14, 2019
N/A· v4
7.4 HIGH· v3
5.8 MEDIUM· v2
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using th...Show more
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.Show less