Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2020.0018
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2020-0018)
Zusammenfassung:	The remote host is missing an update for the 'jss' package(s) announced via the MGASA-2020-0018 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'jss' package(s) announced via the MGASA-2020-0018 advisory. Vulnerability Insight: Updated jss packages fix security vulnerability: A flaw was found in the 'Leaf and Chain' OCSP policy implementation in JSS CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle (CVE-2019-14823). Affected Software/OS: 'jss' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14823 FEDORA-2019-24a0a2f24e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ENEN4DQBE6WOGEP5BQ5X62WZM7ZQEEBG/ FEDORA-2019-4d33c62860 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZZWZLNALV6AOIBIHB3ZMNA5AGZMZAIY/ FEDORA-2019-68c2fbcf82 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O53NXVKMF7PJCPMCJQHLMSYCUGDHGBVE/ RHSA-2019:3067 https://access.redhat.com/errata/RHSA-2019:3067 RHSA-2019:3225 https://access.redhat.com/errata/RHSA-2019:3225 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14823
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.