CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10659
https://notcve.org/view.php?id=CVE-2020-10659
18 Mar 2020 — Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certificate chain. Entrust Entelligence Security Provider (ESP) versiones anteriores a 10.0.60 en Windows, maneja inapropiadamente errores durante una Comprobación del Certificado SSL, conllevando a situaciones donde (por ejemplo) un usuario continúa interactuando con un sitio web... • https://github.com/etherpacket/CVD-Applications/blob/master/EDC%20Security%20Bulletin%20E19-001a.pdf • CWE-295: Improper Certificate Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4594
https://notcve.org/view.php?id=CVE-2007-4594
29 Aug 2007 — Entrust Entelligence Security Provider (ESP) 8 does not properly validate certificates in certain circumstances involving (1) a chain that omits the root Certification Authority (CA) certificate, or an application that specifies disregarding (2) unknown revocation statuses during path validation or (3) certain errors in the certification path, which might allow context-dependent attackers to spoof certificate authentication. NOTE: the provenance of this information is unknown; the details are obtained solel... • http://secunia.com/advisories/26630 • CWE-255: Credentials Management Errors •