The following security vulnerabilities were found in our latest Gemini Central, version 3.1, based on the recent scan run on May 25th, 2023. Related fixes are scheduled to be available in our next release.
CentOS 7 : java-11-openjdk (CESA-2023:1875) - High
- The remote Linux host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:1875 advisory.
- https://www.tenable.com/plugins/nessus/174680
SSL Certificate Cannot Be Trusted - Medium
- The server’s X.509 certificate cannot be trusted. Situations can occur in which the chain of trust can be broken. More information in the link below.
- https://www.tenable.com/plugins/nessus/51192
SSL Self-Signed Certificate - Medium
- The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.
- https://www.tenable.com/plugins/nessus/57582
Please reach out to our Support at [email protected] if you have any questions or concerns regarding this advisory.
Did you find it helpful? Yes No
Send feedback