Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-3698

A security issue was found in Cockpit in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status.

Source

Severity Medium

Remote Yes

Type Certificate verification bypass

Description

A security issue was found in Cockpit in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless of the Certificate Revocation List (CRL) configuration or the certificate status.

AVG-1393 cockpit 251-1 Medium Vulnerable

https://bugzilla.redhat.com/show_bug.cgi?id=1992149
https://cockpit-project.org/guide/latest/cert-authentication.html
https://github.com/SSSD/sssd/issues/5224

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect