Vulnerability Details CVE-2017-7509
An input validation error was found in Red Hat Certificate System's handling of client provided certificates before 8.1.20-1. If the certreq field is not present in a certificate an assertion error is triggered causing a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.0%
CVSS Severity
CVSS v3 Score 3.5
CVSS v2 Score 4.0
References
Products affected by CVE-2017-7509
-
cpe:2.3:a:redhat:certificate_system:-
-
cpe:2.3:a:redhat:certificate_system:7.1
-
cpe:2.3:a:redhat:certificate_system:7.2
-
cpe:2.3:a:redhat:certificate_system:7.3
-
cpe:2.3:a:redhat:certificate_system:8
-
cpe:2.3:a:redhat:certificate_system:8.0
-
cpe:2.3:a:redhat:certificate_system:8.1
-
cpe:2.3:a:redhat:certificate_system:8.1.1