CVE-2021-20179
HIGH
dogtagpki - Incorrect Authorization in Certificate Renewal
Title source: llm
Description
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.
References (9)
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1914379
Patch, Third Party Advisory x_refsource_misc
https://github.com/dogtagpki/pki/pull/3478
Patch, Third Party Advisory x_refsource_misc
https://github.com/dogtagpki/pki/pull/3477
Patch, Third Party Advisory x_refsource_misc
https://github.com/dogtagpki/pki/pull/3476
Patch, Third Party Advisory x_refsource_misc
https://github.com/dogtagpki/pki/pull/3475
Patch, Third Party Advisory x_refsource_misc
https://github.com/dogtagpki/pki/pull/3474
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3I7BRAHLE2WWSY76W3CKFCF5WSSAE24/
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRE44N6P24AEDKRMWK7RPRLMCUUBRJII/
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDOLFOLEIV7I4EUC3SCZBXL6E2ER7ZEN/
Scores
CVSS v3
8.1
EPSS
0.0029
EPSS Percentile
52.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-863
Status
published
Products (7)
dogtagpki/dogtagpki
< 10.5.0
fedoraproject/fedora
32
fedoraproject/fedora
33
fedoraproject/fedora
34
redhat/certificate_system
10.0
redhat/enterprise_linux
7.0
redhat/enterprise_linux
8.0
Published
Mar 15, 2021
Tracked Since
Feb 18, 2026