FortiClient Vulnerability

Fedora systemd CVE-2018-21029 Certificate Validation Bypass Vulnerability

Description

A flaw in systemd-resolved was found to incorrectly verify certificates of a DNS resolver used for DNS Over TLS when the DNSOverTLS option is set to `yes`. A remote attacker in the network path between the vulnerable system and the DNS resolver may use this flaw to perform a man-in-the-middle attack and eavesdrop or modify DNS queries and responses. The attacker can learn the sites visited by a victim user, or redirect the victim user to malicious sites.

Affected Applications

systemd

CVE References

CVE-2018-21029

Other References

https://bugzilla.redhat.com/show_bug.cgi?id=1771725

ID	61087
Created	Jan 17, 2020
Description Updated	Jan 24, 2024
Risk
Coverage	FortiClient
OS	Linux
Vendor	Fedora
Patch	auto
Application	systemd

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Fedora systemd CVE-2018-21029 Certificate Validation Bypass Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Fedora systemd CVE-2018-21029 Certificate Validation Bypass Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center