Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : pki-core-10.5.18-23.el7 (AXSA:2022-3912:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3912:03 advisory. pki-core: When using the caServerKeygenDirUserCert profile, user can get certificates for other UIDs by entering name in Subject field CVE-2022-2393 Tenable...

5.7CVSS5.6AI score0.00235EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-2393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw...

5.7CVSS6.1AI score0.00235EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.16 views

RHEL 7 : Red Hat Certificate System 9.7 CVE update (Moderate) (RHSA-2022:7077)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7077 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: CVE-2022-2393 pki-core:...

5.7CVSS6.4AI score0.00235EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.26 views

Amazon Linux 2 : pki-core (ALAS-2023-2304)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2304 advisory. A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the...

5.7CVSS6.2AI score0.00235EPSS
Exploits0References4
Amazon
Amazon
added 2023/10/19 12:0 a.m.24 views

Medium: pki-core

Issue Overview: A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but...

5.7CVSS5.9AI score0.00235EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/05/31 4:3 p.m.36 views

Important: Red Hat Security Advisory: pki-core:10.6 security update

An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

7.5CVSS6.8AI score0.85323EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2023/05/15 12:0 a.m.25 views

Oracle Linux 9 : pki-core (ELSA-2023-2293)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2293 advisory. - Bug 2106459 - CVE-2022-2393 pki-core: Improper authentication/authorization with caServerKeygenDirUserCert profile - Bug 2107336 - CVE-2022-2414 pki-core:...

7.5CVSS7.4AI score0.85323EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.18 views

AlmaLinux 9 : pki-core (ALSA-2023:2293)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2293 advisory. - A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw...

5.7CVSS6.2AI score0.00235EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.18 views

RHEL 9 : pki-core (RHSA-2023:2293)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2293 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: pki-core: When using the...

5.7CVSS6.4AI score0.00235EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2023/05/09 10:1 a.m.24 views

Moderate: Red Hat Security Advisory: pki-core security, bug fix, and enhancement update

An update for jss, ldapjdk, pki-core, and tomcatjss is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

5.7CVSS6.5AI score0.00235EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2022/10/24 7:29 a.m.33 views

Moderate: Red Hat Security Advisory: Red Hat Certificate System 9.7 CVE bug fix update

Updated CVE security packages are now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

5.7CVSS6.5AI score0.00235EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2022/10/24 12:0 a.m.32 views

pki-core security update

10.5.18-23 - - RHEL 7.9 Batch Update 18: - - Bugzilla Bug 2107329 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE rhel-7.9.z ckelley, mharmsen - Bugzilla Bug 2111514 - CVE-2022-2393 pki-core: When using the caServerKeygenDirUserCert profile, user can get...

7.5CVSS2.9AI score0.85323EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/10/24 12:0 a.m.26 views

Oracle Linux 7 : pki-core (ELSA-2022-7086)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7086 advisory. - Bugzilla Bug 2107329 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE rhel-7.9.z ckelley, mharmsen - Bugzilla Bug 211151...

7.5CVSS7.3AI score0.85323EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2022/10/24 12:0 a.m.24 views

RHEL 7 : pki-core (RHSA-2022:7086)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7086 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: pki-core: When using the...

5.7CVSS6.4AI score0.00235EPSS
Exploits0References5
CVE
CVE
added 2022/07/14 2:53 p.m.184 views

CVE-2022-2393

CVE-2022-2393 in pki-core describes a flaw where, when directory-based authentication is enabled, an authenticated attacker on an adjacent network can abuse the caServerKeygen_DirUserCert profile to obtain a certificate for another user identity (i.e., a different UID) by populating the Subject f...

5.7CVSS5.2AI score0.00235EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder