CVE-2003-0546

EPSS 0.64%
Published 27.08.2003 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Up2date Version3.0.7-1 Editioni386

Redhat ≫ Up2date Version3.0.7-1 Editioni386_gnome

Redhat ≫ Up2date Version3.1.23-1 Editioni386

Redhat ≫ Up2date Version3.1.23-1 Editioni386_gnome

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.64%	0.68

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=106036724315539&w=2

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A631

https://nvd.nist.gov/vuln/detail/CVE-2003-0546

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0546

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0546

EUVD