Medium severity5.9NVD Advisory· Published Jul 26, 2018· Updated Jun 17, 2026
CVE-2017-7537
CVE-2017-7537
Description
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Dogtag PKI/pki-corev5Range: 10.6.4
Patches
Vulnerability mechanics
References
3- github.com/dogtagpki/pki/commit/876d13c6d20e7e1235b9nvdPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdExploitIssue TrackingPatchThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2335nvdThird Party Advisory
News mentions
0No linked articles in our index yet.