pki-core is vulnerable to Weak Encryption. The vulnerability exists because the messages are not properly encrypted which allows an attacker on the adjacent network to impersonate another user within the scope of the domain causing an authentication bypass.