UBUNTU-CVE-2021-20179

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2021-20179
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-20179.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-20179
Upstream
Published
2021-03-15T13:15:00Z
Modified
2025-09-08T16:46:54Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
  • Ubuntu - high
Summary
[none]
Details

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.

References

Affected packages

Ubuntu:Pro:18.04:LTS / dogtag-pki

Package

Name
dogtag-pki
Purl
pkg:deb/ubuntu/dogtag-pki@10.6.0-1ubuntu2?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

10.*

10.3.5+12-4ubuntu1
10.3.5+12-5
10.5.3-3
10.5.3-4
10.5.5-1
10.6.0~beta2-3
10.6.0-1ubuntu1
10.6.0-1ubuntu2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "dogtag-pki"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "dogtag-pki-console-theme"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "dogtag-pki-server-theme"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "libsymkey-java"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "libsymkey-jni"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-base"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-base-java"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-ca"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-console"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-javadoc"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-kra"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-ocsp"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-server"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-tks"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-tools"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-tps"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "pki-tps-client"
        },
        {
            "binary_version": "10.6.0-1ubuntu2",
            "binary_name": "python3-pki-base"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / dogtag-pki

Package

Name
dogtag-pki
Purl
pkg:deb/ubuntu/dogtag-pki@10.8.3-1ubuntu1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

10.*

10.7.3-4
10.8.3-1ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "dogtag-pki"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "dogtag-pki-console-theme"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "dogtag-pki-server-theme"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "libsymkey-java"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "libsymkey-jni"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-base"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-base-java"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-ca"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-console"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-javadoc"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-kra"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-ocsp"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-server"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-tks"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-tools"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-tps"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "pki-tps-client"
        },
        {
            "binary_version": "10.8.3-1ubuntu1",
            "binary_name": "python3-pki-base"
        }
    ]
}