CVE-2025-44005
Published
CVSS v3
10
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
GitHub