Insecure Signature

2022-03-0823:52:39

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

JSON

rpm has insecure signature. The vulnerability exists due to an untrusted RPM or public key.

CPENameOperatorVersion
rpmeq4.11.3__46.el7_9
rpmeq4.14.3__18.1.hsx.el8
rpmeq4.14.3__12.el8
rpmeq4.14.2__37.el8
rpmeq4.14.3__15.el8
rpmeq4.13.0.2__1.el7.c8
rpmeq4.14.3__15.1.hsx.el8
rpmeq4.8.0__19.el6_2.1
rpmeq4.14.3__18.el8
rpmeq4.8.0__33.el6_4

Name	Operator	Version
rpm	eq	4.11.3__46.el7_9
rpm	eq	4.14.3__18.1.hsx.el8
rpm	eq	4.14.3__12.el8
rpm	eq	4.14.2__37.el8
rpm	eq	4.14.3__15.el8
rpm	eq	4.13.0.2__1.el7.c8
rpm	eq	4.14.3__15.1.hsx.el8
rpm	eq	4.8.0__19.el6_2.1
rpm	eq	4.14.3__18.el8
rpm	eq	4.8.0__33.el6_4