54 matches found
step-ca has Unauthenticated Certificate Issuance via SCEP UpdateReq (MessageType=18)
Summary An attacker can force a Step CA SCEP provisioner to create certificates without completing certain protocol authorization checks. Details SCEP requests carry a message type. On receipt of a SCEP request, Step CA starts processing it by parsing its contents. Message types that were...
GHSA-FW7P-63QQ-7HPR vulnerabilities
Vulnerabilities for packages: fulcio, age, dgraph, telegraf, caddy, jitsucom-bulker, kots, sqlexporter, apko, rekor, seaweedfs, cerbos, kyverno, kyverno-policy-reporter, nri-mysql, flux-kustomize-controller, keda, nuclei, openfga, sftpgo-plugin-eventstore, spire-server, terragrunt, trillian,...
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities
Cisco Talos' Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco 's third-party...
CVE-2025-44005
A flaw was found in the Automated Certificate Management Environment ACME and Simple Certificate Enrollment Protocol SCEP provisioner features of Step CA github.com/smallstep/certificates. This vulnerability allows an authorization bypass vulnerability in Step CA’s ACME and SCEP provisioners wher...
CVE-2025-44005
The CVE describes an Authorization bypass in Smallstep Step CA where ACME or SCEP provisioners can create certificates without completing certain protocol authorization checks. Affected component: Step CA (ACME/SCEP provisioners). Root cause: bypass of authorization checks. Impact: potential issu...
CVE-2025-44005
An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks...
smallstep Step-CA Certificate Signing authentication bypass vulnerability
Talos Vulnerability Report TALOS-2025-2242 smallstep Step-CA Certificate Signing authentication bypass vulnerability December 17, 2025 CVE Number CVE-2025-44005 SUMMARY An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completi...
FreeBSD : step-certificates -- Authorization Bypass in ACME and SCEP Provisioners (eca46635-db51-11f0-9b8d-40a6b7c3b3b8)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the eca46635-db51-11f0-9b8d-40a6b7c3b3b8 advisory. smallstep reports: An attacker can bypass authorization checks and force a Step CA ACME or SCEP...
GO-2025-4181 step-ca Has Improper Authorization Check for SSH Certificate Revocation in github.com/smallstep/certificates
step-ca Has Improper Authorization Check for SSH Certificate Revocation in github.com/smallstep/certificates...
CVE-2025-66406
CVE-2025-66406 affects Step CA (github.com/smallstep/certificates). Before version 0.29.0, there is an improper authorization check for SSH certificate revocation, impacting deployments configured with the SSHPOP provisioner. The root cause is inadequate authorization on revocation requests; the ...
EUVD-2025-201014
Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0...
CVE-2025-66406 Improper Authorization Check for SSH Certificate Revocation
Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0...
CVE-2025-66406
Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0...
Step CA Has Authorization Bypass in ACME and SCEP Provisioners
Summary A security fix is now available for Step CA that resolves a vulnerability affecting deployments configured with ACME and/or SCEP provisioners. All operators running these provisioners should upgrade to the latest release v0.29.0 immediately. The issue was discovered and disclosed by a...
step-ca Has Improper Authorization Check for SSH Certificate Revocation
Summary An authorized attacker can bypass authorization checks and revoke any SSH certificate issued by Step CA by using a valid revocation token. Details Step CA users can obtain SSH certificates from a few provisioners. The SSHPOP provisioner allows revocation of the SSH certificate preventing...
GHSA-J7C9-79X7-8HPR step-ca Has Improper Authorization Check for SSH Certificate Revocation
Summary An authorized attacker can bypass authorization checks and revoke any SSH certificate issued by Step CA by using a valid revocation token. Details Step CA users can obtain SSH certificates from a few provisioners. The SSHPOP provisioner allows revocation of the SSH certificate preventing...
Smallstep step-ca 安全漏洞
Smallstep step-ca is an online certificate authority for secure, automated certificate management for DevOps from Smallstep USA. A security vulnerability exists in Smallstep step-ca versions prior to 0.29.0 that stems from improper SSH certificate revocation authorization checking, which could le...
GHSA-X6FH-7QMF-69XH vulnerabilities
Vulnerabilities for packages: step-issuer, caddy, step, step-ca...
CVE-2025-62820 vulnerabilities
Vulnerabilities for packages: step-issuer, caddy, step, step-ca...
GHSA-X6FH-7QMF-69XH vulnerabilities
Vulnerabilities for packages: step-ca-fips, caddy-fips, step-ca, step-issuer, step, step-issuer-fips, step-fips, caddy...