Security vulnerabilities (CVE-51192 and CVE-57582) reported for VCS Authentication Server vcsauthserver process on port 14149
Article ID: 100053886
Updated On:
Description
Error Message
3rd party vulnerability report stated:
"Security vulnerability Definition: SSL Certificate Cannot Be Trusted" against port 14149
Cause
The service which runs on port “14149” is “vcsauthserver” whose only job is to act as Internal CA authority. This service issues digital certificates for other VCS services which are used for SSL communication.
vcsauthserver (port:14149) self-signs its own certificate and then signs certs for other VCS services like HAD,CMDSERVER,CPSERVER. These services use these certificates for authentication and encryption of traffic.
Resolution
Since vcsauthserver is an internal-only service, the reported vulnerabilities can be safely ignored.
Issue/Introduction
Security vulnerabilities (CVE-51192 and CVE-57582) reported for VCS Authentication Server vcsauthserver process on port 14149
Was this article helpful?
Yes
No
Powered by
