Skip to main content

Jss Cryptomanager

1 CVEs product

Monthly

CVE-2019-14823 HIGH POC PATCH This Week

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Jss Cryptomanager Enterprise Linux Enterprise Linux Desktop Enterprise Linux Eus +4
NVD
CVSS 3.1
7.4
EPSS
0.9%
EPSS 1% CVSS 7.4
HIGH POC PATCH This Week

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Jss Cryptomanager Enterprise Linux +6
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy