- Home
- CVEs with nessus.description==The remote Cisco Virtual Security Gateway device is affected by a
certificate validation bypass vulnerability in the bundled OpenSSL
library due to a flaw in the X509_verify_cert() function in x509_vfy.c
that is triggered when locating alternate certificate chains in cases
where the first attempt to build such a chain fails. A remote attacker
can exploit this, by using a valid leaf certificate as a certificate
authority (CA), to issue invalid certificates that will bypass
authentication.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top