WinVerifyTrust Signature Validation CVE-2013-3900 Mitigation (EnableCertPaddingCheck)
search cancel

WinVerifyTrust Signature Validation CVE-2013-3900 Mitigation (EnableCertPaddingCheck)

book

Article ID: 270357

calendar_today

Updated On:

Products

CA Application Delivery Analysis (NetQoS / ADA)

Issue/Introduction

Need your support with these CVEs on CA ADA Manager and controllers servers CVE-2013-3900

Plugin Output: 

 Nessus detected the following potentially insecure registry key configuration:
    - Software\Microsoft\Cryptography\Wintrust\Config\EnableCertPaddingCheck is not present in the registry.
    - Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config\EnableCertPaddingCheck is not present in the registry.

 

Environment

Release : 11.1

Resolution

These suggested settings are OS-related to mitigate the vulnerabilities and can be added as per recommendations. Adding these will not impact ADA.

 

Powered by Wolken Software