Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-3367

Опубликовано: 13 авг. 2012
Источник: nvd
CVSS2: 5.5
EPSS Низкий

Описание

Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:*
Версия до 8.1 (включая)
cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:dogtag_certificate_system:*:*:*:*:*:*:*:*

EPSS

Процентиль: 60%
0.004
Низкий

5.5 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

redhat логотип

CVE-2012-3367

redhat
больше 13 лет назад

Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.

github логотип

GHSA-jh3f-4cfw-pgf7

github
больше 3 лет назад

Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.

EPSS

Процентиль: 60%
0.004
Низкий

5.5 Medium

CVSS2

Дефекты

CWE-310