Plugins Database As of 12-07-2019

CentOS Update for jss CESA-2019:3067 centos7

CentOS Local Security Checks
Impact by CVSS Score
  • ID: 1.3.6.1.4.1.25623.1.0.883116

CVSS Base Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N

Summary:
The remote host is missing an update for the 'jss' Linux Distribution Package(s) announced via the CESA-2019:3067 advisory.

Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.

Technical Details:
Java Security Services (JSS) provides an interface between Java Virtual Machine and Network Security Services (NSS). It supports most of the security standards and encryption technologies supported by NSS including communication through SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server as a part of the Identity Management System. Security Fix(es): * JSS: OCSP policy 'Leaf and Chain' implicitly trusts the root certificate (CVE-2019-14823) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Versions:
'jss' Linux Distribution Package(s) on CentOS 7.

Recommendations:
Please install the updated Linux Distribution Package(s).

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

Search
Severity
Medium
CVSS Score
5.8
Published
2019-10-22 02:01:53
Modified
2019-10-24 06:55:50
CVE
CVE-2019-14823

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.