14 matches found
CVE-2021-27018
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source...
CVE-2024-6834 Imperative Local Command Injection allows Activity Masking
A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected signing proxied request by Zowe's client certificate. This allows access to a user to the endpoints requiring an internal client certificate without any credentials. It could lead to managing components in...
CVE-2021-27018
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source...
CVE-2021-27018
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source...
Design/Logic Flaw
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source...
UBUNTU-CVE-2021-27018
The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source...
Tenable信任管理问题漏洞
Tenable Network Security Tenable.Sc is a vulnerability analysis solution from Tenable Network Security, USA. Sc is a vulnerability analysis solution from Tenable Network Security, Inc. that supports real-time vulnerability assessment and management. A security vulnerability exists in Tenable, whi...
CVE-2020-6020
Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator...
The vulnerability of the RESTful service programming interface of the Cisco Identity Services Engine, a connection policy management platform, allows a perpetrator to generate arbitrary certificates signed by internal certification services.
The vulnerability of the RESTful Services Programmable Interface ERS implementation of the Cisco Identity Services Engine platform is related to authentication errors. Exploiting this vulnerability allows a malicious actor to generate arbitrary certificates signed by the internal certification...
CVE-2019-1851
A vulnerability in the External RESTful Services ERS API of the Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority CA Services on ISE. This vulnerability is due to an incorrect...
CVE-2019-1851 Cisco Identity Services Engine Arbitrary Client Certificate Creation Vulnerability
A vulnerability in the External RESTful Services ERS API of the Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority CA Services on ISE. This vulnerability is due to an incorrect...
CVE-2019-1851 Cisco Identity Services Engine Arbitrary Client Certificate Creation Vulnerability
A vulnerability in the External RESTful Services ERS API of the Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority CA Services on ISE. This vulnerability is due to an incorrect...
CVE-2006-6967
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration CCE. In addition, it describes...
Check Point FireWall-1 ICA Service Detection
The remote host is running Check Point FireWall-1 and is operating a web server on this port for its internal certificate authority ICA, which provides users with certificate revocation lists and registers users when using the Policy Server. Note that it is not known whether it is possible to...