- Home
- CVEs with nessus.description==According to its self-reported version number, the version of Cisco
Prime Security Manager installed on the remote host has a bundled
version of OpenSSL that is affected by a certificate validation bypass
vulnerability. The vulnerability exists due to a flaw in the
X509_verify_cert() function in x509_vfy.c that is triggered when
locating alternate certificate chains when the first attempt to build
such a chain fails. A remote attacker can exploit this, by using a
valid leaf certificate as a certificate authority (CA), to issue
invalid certificates that will bypass authentication.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top