Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-8020

Опубликовано: 31 июл. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 7.4

Описание

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate with revoked certificates to connections that require mutual TLS. Users not using OCSP checks are not affected by this vulnerability.

РелизСтатусПримечание
bionic

not-affected

1.2.17-1
cosmic

not-affected

1.2.17-1
devel

not-affected

1.2.17-1
disco

not-affected

1.2.17-1
eoan

not-affected

1.2.17-1
esm-apps/bionic

not-affected

1.2.17-1
esm-apps/focal

not-affected

1.2.17-1
esm-apps/jammy

not-affected

1.2.17-1
esm-apps/noble

not-affected

1.2.17-1
esm-apps/xenial

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 81%
0.01582
Низкий

4.3 Medium

CVSS2

7.4 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-8020

CVSS3: 7.1
redhat
больше 7 лет назад

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate with revoked certificates to connections that require mutual TLS. Users not using OCSP checks are not affected by this vulnerability.

nvd логотип

CVE-2018-8020

CVSS3: 7.4
nvd
больше 7 лет назад

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate with revoked certificates to connections that require mutual TLS. Users not using OCSP checks are not affected by this vulnerability.

debian логотип

CVE-2018-8020

CVSS3: 7.4
debian
больше 7 лет назад

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw t ...

github логотип

GHSA-r94v-7v68-9rjq

CVSS3: 7.4
github
больше 3 лет назад

Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users to authenticate with revoked certificates to connections that require mutual TLS. Users not using OCSP checks are not affected by this vulnerability.

suse-cvrf логотип

SUSE-SU-2019:14014-1

suse-cvrf
почти 7 лет назад

Security update for libtcnative-1-0

EPSS

Процентиль: 81%
0.01582
Низкий

4.3 Medium

CVSS2

7.4 High

CVSS3