Step CA SCEP UpdateReq Unauthenticated Certificate Issuance Vulnerability
Vulnerability
A vulnerability in Step CA versions through 0.30.0-rc6 allows for unauthenticated certificate issuance via the SCEP UpdateReq message. This issue has been addressed in version 0.30.0.
Impact
Exploitation of this vulnerability allows for unauthorized certificate issuance, which could be used for malicious purposes such as impersonating a legitimate entity or user.
Reproduction
To reproduce this vulnerability, send a SCEP UpdateReq message to a Step CA instance running a vulnerable version. This can be done using a SCEP client that does not authenticate the request. The Step CA SCEP server will issue a certificate in response, without requiring any authentication.
Remediation
Upgrade to Step CA version 0.30.0 or later.
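An added example (not part of the advisory, and not Step CA's own code) for checking whether a deployed instance still falls in the affected range. It assumes the first line of `step-ca version` reads `Smallstep CA/<version> (<os>/<arch>)`; the point it handles is that a naive string comparison ranks `0.30.0-rc6` above `0.30.0`, even though the rc build is affected and the final release is not.

```python
import re

# Assumed first line of `step-ca version`, e.g. "Smallstep CA/0.30.0-rc6 (linux/amd64)".
VERSION_LINE = re.compile(r"Smallstep CA/(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?")

FIXED = (0, 30, 0)  # first release containing the fix, per the advisory

# Constructed sample outputs, not captured from real hosts.
SAMPLES = {
    "rc-build": "Smallstep CA/0.30.0-rc6 (linux/amd64)\nRelease Date: 2025-01-01 00:00 UTC",
    "older":    "Smallstep CA/0.29.0 (linux/amd64)",
    "fixed":    "Smallstep CA/0.30.0 (linux/amd64)",
}


def parse_version(output):
    """Return (major, minor, patch, prerelease) from `step-ca version` output."""
    m = VERSION_LINE.search(output)
    if not m:
        raise ValueError("unrecognised step-ca version output")
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    return major, minor, patch, m.group(4)  # prerelease is None for a final release


def is_vulnerable(output):
    """True if the version is below 0.30.0, or is any 0.30.0 pre-release (rcN)."""
    major, minor, patch, prerelease = parse_version(output)
    core = (major, minor, patch)
    if core < FIXED:
        return True
    # Semver orders a pre-release before its final release, so 0.30.0-rc6 < 0.30.0.
    return core == FIXED and prerelease is not None


def classify_samples():
    """Map each constructed sample to its verdict; handy for a quick self-check."""
    return {name: is_vulnerable(out) for name, out in SAMPLES.items()}


if __name__ == "__main__":
    import subprocess
    out = subprocess.run(["step-ca", "version"], capture_output=True, text=True).stdout
    print("AFFECTED: upgrade to 0.30.0 or later" if is_vulnerable(out) else "not affected")
```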
