15 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD...
RHEL 7 : cockpit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cockpit: authenticates with revoked certificates CVE-2021-3698 - Cockpit and its plugins do not seem to...
Advisory ROSA-SA-2023-2280
Software: cockpit 264.2 OS: ROSA Virtualization 2.1 packageevrstring: cockpit-264.2-1.0.1.rv3c.src.rpm CVE-ID: CVE-2021-3660 BDU-ID: 2021-04029 CVE-Crit: MEDIUM CVE-DESC.: A manager vulnerability for Cockpit servers is related to errors in the display of the user interface or frames. Exploitation...
CVE-2021-3698 affecting package cockpit 248-2
CVE-2021-3698 affecting package cockpit 248-2. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2022-0202)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated cockpit packages fix security vulnerability
authenticates with revoked certificates CVE-2021-3698...
MGASA-2022-0202 Updated cockpit packages fix security vulnerability
authenticates with revoked certificates CVE-2021-3698...
Rocky Linux 8 : cockpit (RLSA-2022:2008)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2008 advisory. - A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD...
AlmaLinux 8 : cockpit (ALSA-2022:2008)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2008 advisory. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website,...
Moderate: Red Hat Security Advisory: cockpit security, bug fix, and enhancement update
An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
cockpit security, bug fix, and enhancement update
An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...
CentOS 8 : cockpit (CESA-2022:2008)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:2008 advisory. - cockpit: pages vulnerable to clickjacking CVE-2021-3660 - cockpit: authenticates with revoked certificates CVE-2021-3698 Note that Nessus has not...
CVE-2021-3698
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD. This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List CRL configuration or the...
CVE-2021-3698
CVE-2021-3698 affects Cockpit prior to 260, where the certificate verification performed by the System Security Services Daemon (SSSD) can incorrectly authenticate client certificates regardless of CRL configuration or certificate status. The documented impact is confidentiality risk (license: HI...
CVE-2021-3698
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD. This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List CRL configuration or the...