Описание
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-3367
- https://bugzilla.redhat.com/show_bug.cgi?id=836268
- https://exchange.xforce.ibmcloud.com/vulnerabilities/77102
- https://fedorahosted.org/pki/changeset/2430
- http://osvdb.org/84098
- http://rhn.redhat.com/errata/RHSA-2012-1103.html
- http://secunia.com/advisories/50013
- http://www.securityfocus.com/bid/54608
- http://www.securitytracker.com/id?1027284
EPSS
CVE ID
Связанные уязвимости
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.
EPSS