Jss Cryptomanager Project

jss_cryptomanager_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Jss Cryptomanager

jss_cryptomanager

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-14823 2Jss Cryptomanager Project Redhat 8Enterprise Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Nov 21, 2024 Oct 14, 2019 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using th...Show more A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-14823

2Jss Cryptomanager Project

Redhat

8Enterprise Linux

Enterprise Linux DesktopEnterprise Linux Eus+5 more

Nov 21, 2024

Oct 14, 2019

N/A· v4

7.4 HIGH· v3

5.8 MEDIUM· v2

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.Show less