PT-2019-13851 · Jss +3 · Cryptomanager +3

Name of the Vulnerable Software and Affected Versions: JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0 Description: A flaw was found in the "Leaf and Chain" OCSP policy implementation where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may...