CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
23.8%
Issue Overview:
An initial fix in Amazon Linux ca-certificates package relating to CVE-2022-23491 did not properly remove root certificates from TrustCor from the root store. (CVE-2023-32803)
Affected Packages:
ca-certificates
Issue Correction:
Run yum update ca-certificates to update your system.
New Packages:
noarch:
ca-certificates-2018.2.22-65.1.30.amzn1.noarch
src:
ca-certificates-2018.2.22-65.1.30.amzn1.src
Red Hat: CVE-2023-32803
Mitre: CVE-2023-32803
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | noarch | ca-certificates | < 2018.2.22-65.1.30.amzn1 | ca-certificates-2018.2.22-65.1.30.amzn1.noarch.rpm |