Use Of A Broken Or Risky Cryptographic Algorithm

Easy-RSA is vulnerable to weak encryption algorithm usage. The vulnerability is due to insecure key generation due to the use of a weak default encryption algorithm when creating the private CA key with OpenSSL 3, and attackers can exploit this to more easily brute-force the CA private key and...

UBUNTU-CVE-2024-13454

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3...

CVE-2024-13454

CVE-2024-13454 affects Easy-RSA versions 3.0.5 through 3.1.7. The root cause is a weak encryption algorithm when the private CA key is created using OpenSSL 3, enabling a local attacker to more easily bruteforce the private CA key. Impact is limited to confidentiality/integrity of the CA key as i...

easy-rsa 加密问题漏洞

easy-rsa is a simple shell-based CA utility from the OpenVPN open source. A security vulnerability exists in easy-rsa versions 3.0.5 through 3.1.7, which stems from the fact that when creating a password-protected CA private key using the easyrsa build-ca command, Easy-RSA incorrectly uses the...