CVE-2018-12461Improper Certificate Validation in Edirectory

CWE-295Improper Certificate Validation3 documents3 sources
Severity
7.5HIGHNVD
CNA3.5
EPSS
0.1%
top 73.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netiq Edirectory
Timeline
PublishedJul 10
Latest updateMay 13

Description

Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5netiq/edirectoryeDirectory 9.1.19.1.1
NVDnetiq/edirectory9.1.1

🔴Vulnerability Details

2
GHSA
GHSA-fp9p-68v5-x9cv: Fixed issues with NetIQ eDirectory prior to 92022-05-13
CVEList
Certificate Revocation Check failure2018-07-10
CVE-2018-12461 — Improper Certificate Validation | cvebase