Lucene search

K

RedhatCVELIST:CVE-2021-20179

HistoryMar 15, 2021 - 12:01 p.m.

CVE-2021-20179

2021-03-1512:01:25

CWE-863

redhat

www.cve.org

2

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.0%

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.

CNA Affected

[
  {
    "product": "pki-core",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "pki-core 10.5, pki-core 10.8, pki-core 10.9, pki-core 10.10, pki-core 10.11"
      }
    ]
  }
]

References

bugzilla.redhat.com/show_bug.cgi?id=1914379

github.com/dogtagpki/pki/pull/3474

github.com/dogtagpki/pki/pull/3475

github.com/dogtagpki/pki/pull/3476

github.com/dogtagpki/pki/pull/3477

github.com/dogtagpki/pki/pull/3478

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDOLFOLEIV7I4EUC3SCZBXL6E2ER7ZEN/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRE44N6P24AEDKRMWK7RPRLMCUUBRJII/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3I7BRAHLE2WWSY76W3CKFCF5WSSAE24/

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.0%

Related for CVELIST:CVE-2021-20179

cve1 almalinux1 nessus19 oraclelinux2 redhatcve1 openvas8 nvd1 veracode1 rocky1 fedora4 debiancve1 prion1 ubuntucve1 osv2 redhat5 amazon1 centos1