Endpoint Vulnerability

RHSA-2019:3067: jss security update (Important)

Description

Java Security Services (JSS) provides an interface between Java Virtual Machine and Network Security Services (NSS). It supports most of the security standards and encryption technologies supported by NSS including communication through SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server as a part of the Identity Management System. Security Fix(es): * JSS: OCSP policy 'Leaf and Chain' implicitly trusts the root certificate (CVE-2019-14823) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

JSS

References

CVE-2019-14823,