Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2020-0018)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.5AI score0.00859EPSS
Exploits1References4
Mageia
Mageia
added 2020/01/05 3:37 p.m.29 views

Updated jss packages fix security vulnerability

Updated jss packages fix security vulnerability: A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be...

7.4CVSS1.8AI score0.00859EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.29 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : jss Vulnerability (NS-SA-2019-0240)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has jss packages installed that are affected by a vulnerability: - A flaw was found in the Leaf and Chain OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root...

7.4CVSS6.5AI score0.00859EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/02 12:0 a.m.35 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : jss Vulnerability (NS-SA-2019-0219)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has jss packages installed that are affected by a vulnerability: - A flaw was found in the Leaf and Chain OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root...

7.4CVSS6.5AI score0.00859EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/10/30 12:0 a.m.19 views

RHEL 7 : jss (RHSA-2019:3225)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3225 advisory. Java Security Services JSS provides an interface between Java Virtual Machine and Network Security Services NSS. It supports most of the security...

7.4CVSS6.8AI score0.00859EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2019/10/29 2:13 p.m.34 views

Important: Red Hat Security Advisory: jss security update

An update for jss is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

7.4CVSS6.8AI score0.00859EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/10/28 12:0 a.m.63 views

Fedora 31 : jss (2019-24a0a2f24e)

Security fix for CVE-2019-14823 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

7.4CVSS6.6AI score0.00859EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/10/28 12:0 a.m.41 views

Fedora 30 : jss (2019-68c2fbcf82)

Security fix for CVE-2019-14823 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

7.4CVSS6.6AI score0.00859EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/10/22 12:0 a.m.21 views

CentOS Update for jss CESA-2019:3067 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.4AI score0.00859EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/10/17 12:0 a.m.25 views

Scientific Linux Security Update : jss on SL7.x x86_64 (20191016)

Security Fixes : - JSS: OCSP policy 'Leaf and Chain' implicitly trusts the root certificate CVE-2019-14823 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section. C...

7.4CVSS6.6AI score0.00859EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/10/17 12:0 a.m.31 views

Oracle Linux 7 : jss (ELSA-2019-3067)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3067 advisory. Thu Sep 12 2019 Dogtag PKI Team [email protected] 4.4.6-3 - NVR bump 4.4.6-2 - Bugzilla 1747966 - CVE 2019-14823 jss: OCSP policy 'Leaf and Chain' implicitly...

7.4CVSS6.7AI score0.00859EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2019/10/16 6:37 a.m.33 views

Important: Red Hat Security Advisory: jss security update

An update for jss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.4CVSS6.8AI score0.00859EPSS
Exploits1References2
NVD
NVD
added 2019/10/14 8:15 p.m.11 views

CVE-2019-14823

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attack...

7.4CVSS6.7AI score0.00859EPSS
Exploits1References6
CVE
CVE
added 2019/10/14 7:35 p.m.164 views

CVE-2019-14823

The CVE-2019-14823 issue affects JSS: Leaf and Chain OCSP policy in CryptoManager (versions after 4.4.6, 4.5.3, 4.6.0) implicitly trusts the root certificate, potentially breaking chain verification and enabling MITM. Several connected advisories (Mageia MGASA-2020-0018, Red Hat RHSA-2019:3225, F...

7.4CVSS7AI score0.00859EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2019/10/14 7:35 p.m.15 views

CVE-2019-14823

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attack...

7.4CVSS6.6AI score0.00859EPSS
Exploits1
Symantec
Symantec
added 2019/10/14 12:0 a.m.73 views

JSS CryptoManager CVE-2019-14823 Security Bypass Vulnerability

...

1.5AI score0.00859EPSS
Exploits1Affected Software1
Rows per page
Query Builder