5.5
CVE-2012-3367
- EPSS 1.16%
- Veröffentlicht 13.08.2012 20:55:08
- Zuletzt bearbeitet 16.06.2026 23:43:05
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Certificate System Version <= 8.1
Redhat ≫ Certificate System Version7.1
Redhat ≫ Certificate System Version7.2
Redhat ≫ Certificate System Version7.3
Redhat ≫ Certificate System Version8
Redhat ≫ Certificate System Version8.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.16% | 0.631 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 8 | 4.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:P
|
http://rhn.redhat.com/errata/RHSA-2012-1103.html
http://secunia.com/advisories/50013
http://www.securityfocus.com/bid/54608
http://www.securitytracker.com/id?1027284
http://osvdb.org/84098
https://bugzilla.redhat.com/show_bug.cgi?id=836268
https://exchange.xforce.ibmcloud.com/vulnerabilities/77102
https://fedorahosted.org/pki/changeset/2430