Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jss Cryptomanager Project Subscribe
Filtered by product Jss Cryptomanager
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-14823 3 Jss Cryptomanager Project, Linux, Redhat 9 Jss Cryptomanager, Linux Kernel, Enterprise Linux and 6 more 2023-02-12 5.8 MEDIUM 7.4 HIGH
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle.