CVE-2021-20179 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-20179 Interim 1 4 2025-02-17T00:56:05Z current 2023-10-31T00:29:07Z 2025-02-17T00:56:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-20179 A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 7 SUSE Liberty Linux 8 jss-4.7.3-1.module+el8.3.0+8058+d5cd4219 jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219 ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62 ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62 pki-base-10.5.18-12.el7_9 pki-base-10.9.4-3.module+el8.3.0+10353+73f6df5b pki-base-java-10.5.18-12.el7_9 pki-base-java-10.9.4-3.module+el8.3.0+10353+73f6df5b pki-ca-10.5.18-12.el7_9 pki-ca-10.9.4-3.module+el8.3.0+10353+73f6df5b pki-javadoc-10.5.18-12.el7_9 pki-kra-10.5.18-12.el7_9 pki-kra-10.9.4-3.module+el8.3.0+10353+73f6df5b pki-server-10.5.18-12.el7_9 pki-server-10.9.4-3.module+el8.3.0+10353+73f6df5b pki-symkey-10.5.18-12.el7_9 pki-symkey-10.9.4-3.module+el8.3.0+10353+73f6df5b pki-tools-10.5.18-12.el7_9 pki-tools-10.9.4-3.module+el8.3.0+10353+73f6df5b python3-pki-10.9.4-3.module+el8.3.0+10353+73f6df5b tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9 pki-base-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 pki-base-java-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 pki-ca-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 pki-javadoc-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 pki-kra-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 pki-server-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 pki-symkey-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 pki-tools-10.5.18-12.el7_9 as a component of SUSE Liberty Linux 7 jss-4.7.3-1.module+el8.3.0+8058+d5cd4219 as a component of SUSE Liberty Linux 8 jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219 as a component of SUSE Liberty Linux 8 ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62 as a component of SUSE Liberty Linux 8 ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62 as a component of SUSE Liberty Linux 8 pki-base-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 pki-base-java-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 pki-ca-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 pki-kra-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 pki-server-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 pki-symkey-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 pki-tools-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 python3-pki-10.9.4-3.module+el8.3.0+10353+73f6df5b as a component of SUSE Liberty Linux 8 tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9 as a component of SUSE Liberty Linux 8 A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2021-20179 SUSE Liberty Linux 7:pki-base-10.5.18-12.el7_9 SUSE Liberty Linux 7:pki-base-java-10.5.18-12.el7_9 SUSE Liberty Linux 7:pki-ca-10.5.18-12.el7_9 SUSE Liberty Linux 7:pki-javadoc-10.5.18-12.el7_9 SUSE Liberty Linux 7:pki-kra-10.5.18-12.el7_9 SUSE Liberty Linux 7:pki-server-10.5.18-12.el7_9 SUSE Liberty Linux 7:pki-symkey-10.5.18-12.el7_9 SUSE Liberty Linux 7:pki-tools-10.5.18-12.el7_9 SUSE Liberty Linux 8:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219 SUSE Liberty Linux 8:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219 SUSE Liberty Linux 8:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62 SUSE Liberty Linux 8:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62 SUSE Liberty Linux 8:pki-base-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:pki-base-java-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:pki-ca-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:pki-kra-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:pki-server-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:pki-symkey-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:pki-tools-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:python3-pki-10.9.4-3.module+el8.3.0+10353+73f6df5b SUSE Liberty Linux 8:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9 important 5.5 AV:N/AC:L/Au:S/C:P/I:P/A:N 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N