Описание
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
Ссылки
- Broken Link
- Vendor Advisory
- Broken LinkIssue TrackingVendor Advisory
- Broken Link
- Vendor Advisory
- Broken LinkIssue TrackingVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
The default configuration on OpenSSL before 0.9.8 uses MD5 for creatin ...
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
EPSS
7.5 High
CVSS3
5 Medium
CVSS2