10
CVE-2004-0607
- EPSS 3.04%
- Published 06.12.2004 05:00:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.
Data is provided by the National Vulnerability Database (NVD)
Ipsec-tools ≫ Ipsec-tools Version0.3
Ipsec-tools ≫ Ipsec-tools Version0.3.1
Ipsec-tools ≫ Ipsec-tools Version0.3.2
Ipsec-tools ≫ Ipsec-tools Version0.3_rc1
Ipsec-tools ≫ Ipsec-tools Version0.3_rc2
Ipsec-tools ≫ Ipsec-tools Version0.3_rc3
Ipsec-tools ≫ Ipsec-tools Version0.3_rc4
Ipsec-tools ≫ Ipsec-tools Version0.3_rc5
Redhat ≫ Enterprise Linux Version3.0 Editionadvanced_servers
Redhat ≫ Enterprise Linux Version3.0 Editionenterprise_server
Redhat ≫ Enterprise Linux Version3.0 Editionworkstation
Redhat ≫ Enterprise Linux Desktop Version3.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.04% | 0.861 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|