Lucene search
IBMFDA728C1A12F4AC02D525291250B55E23BCC46CC270939D5FE20DBC06B772193HistorySep 27, 2023 - 7:22 p.m.
Security Bulletin: Vulnerability with Certifi affect IBM Cloud Object Storage Systems (Sept2023v3)
2023-09-2719:22:57
www.ibm.com
24
certifi vulnerability
ibm cloud object storage
cve-2023-37920
e-tugra root certificate
cvss 7.5
fix 3.17.5.79
0.001 Low
EPSS
Percentile
24.2%
Summary
Vulnerability with Certifi (CVE-2023-37920) This vulnerability have been addressed in the latest ClevOS releases
Vulnerability Details
CVEID:CVE-2023-37920
**DESCRIPTION:**An unspecified error with the removal of e-Tugra root certificate in Certifi has an unknown impact and attack vector.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/261639 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Cloud Object System | 3.17.5.57 or Prior Release |
Remediation/Fixes
| roduct(s) | Version Number | Remediation/Fix |
|---|---|---|
| IBM Cloud Object System | 3.17.5.79 | https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Cloud+Object+Storage+System&release=3.17.5.79&platform=All&function=all |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm cloud object storage system | eq | 3.17 |
Related
nessus
nessus
Fedora 38 : mingw-python-certifi (2023-b88b72e3e1)
2023-08-12 00:00:00
Amazon Linux AMI : ca-certificates (ALAS-2023-1817)
2023-09-11 00:00:00
CentOS 9 : fence-agents-4.10.0-56.el9
2024-02-29 00:00:00
openvas
openvas
Fedora: Security Advisory for mingw-python-certifi (FEDORA-2023-b88b72e3e1)
2023-08-14 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: mingw-python-certifi-2023.7.22-1.fc38
2023-08-12 04:26:37
wolfi
wolfi
CVE-2023-37920 vulnerabilities
2024-05-28 21:07:31
ibm
ibm
cgr
cgr
CVE-2023-37920 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2023-37920 Certifi's removal of e-Tugra root certificate
2023-07-25 20:45:35
redhatcve
redhatcve
CVE-2023-37920
2023-07-28 09:49:12
osv
osv
Removal of e-Tugra root certificate
2023-07-25 14:43:53
CVE-2023-37920
2023-07-25 21:15:10
PYSEC-2023-135
2023-08-03 19:36:12
veracode
veracode
Authorization Bypass
2023-07-26 13:48:32
debiancve
debiancve
CVE-2023-37920
2023-07-25 21:15:10
amazon
amazon
Important: ca-certificates
2023-08-30 17:56:00
Important: ca-certificates
2023-08-31 22:28:00
prion
prion
Design/Logic Flaw
2023-07-25 21:15:00
cve
cve
CVE-2023-37920
2023-07-25 21:15:10
redos
redos
ROS-20240410-20
2024-04-10 00:00:00
github
github
Removal of e-Tugra root certificate
2023-07-25 14:43:53
alpinelinux
alpinelinux
CVE-2023-37920
2023-07-25 21:15:10
ubuntucve
ubuntucve
CVE-2023-37920
2023-07-25 00:00:00
redhat
redhat
(RHSA-2023:7435) Moderate: fence-agents security update
2023-11-21 15:08:57
(RHSA-2023:7753) Moderate: fence-agents security update
2023-12-12 16:42:00
(RHSA-2023:7378) Moderate: fence-agents security update
2023-11-21 08:14:10
oraclelinux
oraclelinux
fence-agents security update
2023-12-18 00:00:00
fence-agents security update
2024-01-11 00:00:00
almalinux
almalinux
Moderate: fence-agents security update
2024-01-10 00:00:00
Moderate: fence-agents security update
2023-12-12 00:00:00
aix
aix
AIX is affected by multiple vulnerabilities due to Python
2023-12-21 08:42:03
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0704
2023-12-26 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0179
2023-12-24 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0534
2023-12-24 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
0.001 Low
EPSS
Percentile
24.2%
Related for FDA728C1A12F4AC02D525291250B55E23BCC46CC270939D5FE20DBC06B772193