CVE-2003-0960
Published Dec 15, 2003
Last updated 8 years ago
Overview
- Description
- OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openca:openca:0.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2091E6F-DCEF-4A0B-B9D5-8C68462FF198"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "583D6CE9-76CA-4469-A608-60FB5C20A099"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BC6D293-6140-435D-9AA9-1579CBD01FEF"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C28F5B50-380E-4569-B939-A18B28646E12"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.9.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB46AC2D-15B6-4C6E-B073-4DE2FEB4D42E"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.9.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE3B0051-6082-4B40-B3F2-268866E1784A"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A01AEDA-B58B-4823-883A-CA43281EDAD3"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.9.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63E8A9C3-DCD8-4B7A-97C6-85CFD808E9FA"
},
{
"criteria": "cpe:2.3:a:openca:openca:0.9.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9919778A-F611-483F-AA1D-81154289EE14"
}
],
"operator": "OR"
}
]
}
]