526 matches found
CVE-2019-1590
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. The...
October 18, 2018—KB4462932 (OS Build 16299.755)
Improvements and fixes: This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses the redenomination of local currency that the Central Bank of Venezuela implemented ...
CVE-2019-7006
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13...
CVE-2019-7006
This CVE affects Avaya one-X Communicator where the vulnerability resides in the client authentication component, using weak cryptographic algorithms. The issue could allow a local attacker to decrypt sensitive information. Affected versions are all 6.2.x prior to 6.2 SP13; remediation is to upgr...
Open-Xchange: Username restriction bypass with SSL client authentication
Summary: Dovecot supports enforcing the login user name to be the one encoded in the SSL client certificate, thus restricting the username. Using SSL certificates that do not even contain the relevant field bypasses this restriction, maybe leading to full login bypass under some luckily rare...
Denial Of Service (DoS)
nss is vulnerable to denial of service. A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with t...
The vulnerability of Cisco IOS and Cisco IOS XE operating systems that use TACACS+ client authentication allows attackers to induce a service failure.
The vulnerability of Cisco IOS and Cisco IOS XE operating systems that use TACACS+ client authentication is related to errors in processing TACACS+ response packets. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot and a service failure...
DEBIAN-CVE-2018-12608
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root...
CVE-2018-12608
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root...
Security Bulletin: IBM® Db2® is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT (CVE-2017-1520)
Summary: For a CLIENT authentication type, a user without proper authority can activate database. The database becomes activated, but requires authentication to proceed further. This does not allow unauthorized access to the database. This issue applies to the application side. Vulnerability Detai...
Microsoft Windows: Network security: LAN Manager authentication level
This security setting determines which challenge/response authentication protocol is used for network logons. This choice affects the level of authentication protocol used by clients, the level of session security negotiated, and the level of authentication accepted by servers as follows: - Send ...
Cisco Wireless LAN Controller and Aironet Access Points IOS WebAuth Client Authentication Bypass Vulnerability
A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulnerability is due to incorrect implementation of...
Information Disclosure
github.com/ory/fosite is vulnerable to information disclosure. The vulnerability exists as the request body may contain client secrets to be exposed when POST-body based client authentication is enabled...
TP-Link TL-SG108E XSS / Weak Access Control
Overview: Three vulnerabilities have been discovered in the TP-Link TL-SG108E, firmware 1.0.0 Build 20160722 Rel.50167: CVE-2017-17745 - Cross Site Scripting (XSS) in systemnameset.cgi, sysName parameter; CVE-2017-17746 - Weak access control for user authentication; CVE-2017-17747 - Weak...
EulerOS 2.0 SP2 : nss (EulerOS-SA-2017-1247)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use thi...
EulerOS 2.0 SP1 : nss (EulerOS-SA-2017-1246)
According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use thi...
Important: nss
Issue Overview: Potential use-after-free in TLS 1.2 server when verifying client authentication: A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NS...
RedHat Update for nss RHSA-2017:2832-01
The remote host is missing an update for the...
nss: Potential use-after-free in TLS 1.2 server when verifying client authentication
A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the...
CVE-2017-7805
A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the...