13 Déc 2022
Vulnérabilité CVE-2022-3996 CVE Vulnerability
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions. (CVSS:0.0) (Last Update:2022-12-13)
Vulnerability Details : If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions. Publish Date : 2022-12-13 Last Update Date : 2022-12-13 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2022-3996
- References For CVE-2022-3996
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2022-3996There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |