You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Open the user certificate managed and change some properties after first creating a base scan. Run another and note the changes are not detected. It appears some properties are not captured for comparison which could be by design? But some key ones like OCSP checking being disabled are important from a security standpoint.
To Reproduce
Steps to reproduce the behavior:
Go to a certificate and edit the properties
Change the friendly name i.e. DO_NOT_TRUST to DO_TRUST, change the cert purposes or disable the OCSP checks if enabled or change the extended validation for example. Save and run a scan to compare to a baseline scan.
Note the changes are not detected
Expected behavior
Modification of key properties should be detected. Might be a good idea to document if not in scope for the current release and convert this to an enhancement.
Screenshots
If applicable, add screenshots to help explain your problem.
System Configuration (please complete the following information):
OS: Windows
OS Version: Windows 10
Application Version: 2.1...see image
CLI or GUI: GUI
Additional Context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered:
I'm also not sure if that data being changed actually changes the Certificate or if instead it changes how Windows handles the certificate. I'm inclined to believe it is the latter as "modifying" the certificate itself doesn't make sense, given the signing and hashing. Either way this does appear to affect attack surface so it would be nice to collect this. Will investigate what can be done for 2.1.
gfs
changed the title
Certificate 'Modifications' In Windows are not detected
Windows Metadata Changes to Certificates (which do not modify the certificate itself) are not captured
Apr 15, 2020
Describe the bug
Open the user certificate managed and change some properties after first creating a base scan. Run another and note the changes are not detected. It appears some properties are not captured for comparison which could be by design? But some key ones like OCSP checking being disabled are important from a security standpoint.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Modification of key properties should be detected. Might be a good idea to document if not in scope for the current release and convert this to an enhancement.
Screenshots
If applicable, add screenshots to help explain your problem.
System Configuration (please complete the following information):
Additional Context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: