ID CVE-2012-4546
Summary The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate.
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 22-04-2019 - 17:48)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
Vector Complexity Authentication
NETWORK MEDIUM NONE
Impact
Confidentiality Integrity Availability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
redhat via4
advisories
bugzilla
id 905594
title Unable to install ipa-server-trust-ad pkg on 32-bit platform
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 6 is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • OR
      • AND
        • comment ipa-admintools is earlier than 0:3.0.0-25.el6
          oval oval:com.redhat.rhsa:tst:20130528001
        • comment ipa-admintools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111533002
      • AND
        • comment ipa-client is earlier than 0:3.0.0-25.el6
          oval oval:com.redhat.rhsa:tst:20130528003
        • comment ipa-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20194268008
      • AND
        • comment ipa-python is earlier than 0:3.0.0-25.el6
          oval oval:com.redhat.rhsa:tst:20130528005
        • comment ipa-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111533006
      • AND
        • comment ipa-server is earlier than 0:3.0.0-25.el6
          oval oval:com.redhat.rhsa:tst:20130528007
        • comment ipa-server is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20194268024
      • AND
        • comment ipa-server-selinux is earlier than 0:3.0.0-25.el6
          oval oval:com.redhat.rhsa:tst:20130528009
        • comment ipa-server-selinux is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20111533010
      • AND
        • comment ipa-server-trust-ad is earlier than 0:3.0.0-25.el6
          oval oval:com.redhat.rhsa:tst:20130528011
        • comment ipa-server-trust-ad is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20194268030
rhsa
id RHSA-2013:0528
released 2013-02-20
severity Low
title RHSA-2013:0528: ipa security, bug fix and enhancement update (Low)
rpms
  • ipa-admintools-0:3.0.0-25.el6
  • ipa-client-0:3.0.0-25.el6
  • ipa-debuginfo-0:3.0.0-25.el6
  • ipa-python-0:3.0.0-25.el6
  • ipa-server-0:3.0.0-25.el6
  • ipa-server-selinux-0:3.0.0-25.el6
  • ipa-server-trust-ad-0:3.0.0-25.el6
refmap via4
Last major update 22-04-2019 - 17:48
Published 03-04-2013 - 00:55
Last modified 22-04-2019 - 17:48