Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD...

7.5CVSS7.2AI score0.00665EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 7 : cockpit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cockpit: authenticates with revoked certificates CVE-2021-3698 - Cockpit and its plugins do not seem to...

7AI score0.01242EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2023/10/24 2:5 p.m.24 views

Advisory ROSA-SA-2023-2280

Software: cockpit 264.2 OS: ROSA Virtualization 2.1 packageevrstring: cockpit-264.2-1.0.1.rv3c.src.rpm CVE-ID: CVE-2021-3660 BDU-ID: 2021-04029 CVE-Crit: MEDIUM CVE-DESC.: A manager vulnerability for Cockpit servers is related to errors in the display of the user interface or frames. Exploitation...

7.5CVSS6.5AI score0.01242EPSS
Exploits0
CBLMariner
CBLMariner
added 2022/05/26 7:4 p.m.24 views

CVE-2021-3698 affecting package cockpit 248-2

CVE-2021-3698 affecting package cockpit 248-2. A patched version of the package is available...

7.5CVSS7.5AI score0.00665EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/05/26 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2022-0202)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.00665EPSS
Exploits0References5
Mageia
Mageia
added 2022/05/25 6:46 p.m.46 views

Updated cockpit packages fix security vulnerability

authenticates with revoked certificates CVE-2021-3698...

7.5CVSS3AI score0.00665EPSS
Exploits0References3
OSV
OSV
added 2022/05/25 6:46 p.m.5 views

MGASA-2022-0202 Updated cockpit packages fix security vulnerability

authenticates with revoked certificates CVE-2021-3698...

7.5CVSS7.5AI score0.00665EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.32 views

Rocky Linux 8 : cockpit (RLSA-2022:2008)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2008 advisory. - A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD...

7.5CVSS6.2AI score0.01242EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.21 views

AlmaLinux 8 : cockpit (ALSA-2022:2008)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2008 advisory. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website,...

7.5CVSS6.3AI score0.01242EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/05/10 1:59 p.m.46 views

Moderate: Red Hat Security Advisory: cockpit security, bug fix, and enhancement update

An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.6AI score0.01242EPSS
Exploits0References13
Rockylinux
Rockylinux
added 2022/05/10 6:44 a.m.78 views

cockpit security, bug fix, and enhancement update

An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

7.5CVSS6.2AI score0.01242EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.40 views

CentOS 8 : cockpit (CESA-2022:2008)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:2008 advisory. - cockpit: pages vulnerable to clickjacking CVE-2021-3660 - cockpit: authenticates with revoked certificates CVE-2021-3698 Note that Nessus has not...

7.5CVSS6.5AI score0.01242EPSS
Exploits0References3
NVD
NVD
added 2022/03/10 5:42 p.m.16 views

CVE-2021-3698

A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD. This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List CRL configuration or the...

7.5CVSS0.00665EPSS
Exploits0References1
CVE
CVE
added 2022/03/08 2:7 p.m.163 views

CVE-2021-3698

CVE-2021-3698 affects Cockpit prior to 260, where the certificate verification performed by the System Security Services Daemon (SSSD) can incorrectly authenticate client certificates regardless of CRL configuration or certificate status. The documented impact is confidentiality risk (license: HI...

7.5CVSS7.1AI score0.00665EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2022/03/08 2:7 p.m.58 views

CVE-2021-3698

A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD. This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List CRL configuration or the...

7.5CVSS7.3AI score0.00665EPSS
Exploits0
Rows per page
Query Builder