ID |
CVE-2012-4546
|
Summary |
The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.3 (as of 22-04-2019 - 17:48) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-16 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK | MEDIUM | NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE | PARTIAL | NONE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
redhat
via4
|
advisories | bugzilla | id | 905594 | title | Unable to install ipa-server-trust-ad pkg on 32-bit platform |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | ipa-admintools is earlier than 0:3.0.0-25.el6 | oval | oval:com.redhat.rhsa:tst:20130528001 |
comment | ipa-admintools is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20111533002 |
|
AND | comment | ipa-client is earlier than 0:3.0.0-25.el6 | oval | oval:com.redhat.rhsa:tst:20130528003 |
comment | ipa-client is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20194268008 |
|
AND | comment | ipa-python is earlier than 0:3.0.0-25.el6 | oval | oval:com.redhat.rhsa:tst:20130528005 |
comment | ipa-python is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20111533006 |
|
AND | comment | ipa-server is earlier than 0:3.0.0-25.el6 | oval | oval:com.redhat.rhsa:tst:20130528007 |
comment | ipa-server is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20194268024 |
|
AND | comment | ipa-server-selinux is earlier than 0:3.0.0-25.el6 | oval | oval:com.redhat.rhsa:tst:20130528009 |
comment | ipa-server-selinux is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20111533010 |
|
AND | comment | ipa-server-trust-ad is earlier than 0:3.0.0-25.el6 | oval | oval:com.redhat.rhsa:tst:20130528011 |
comment | ipa-server-trust-ad is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20194268030 |
|
|
|
|
| rhsa | id | RHSA-2013:0528 | released | 2013-02-20 | severity | Low | title | RHSA-2013:0528: ipa security, bug fix and enhancement update (Low) |
|
| rpms | - ipa-admintools-0:3.0.0-25.el6
- ipa-client-0:3.0.0-25.el6
- ipa-debuginfo-0:3.0.0-25.el6
- ipa-python-0:3.0.0-25.el6
- ipa-server-0:3.0.0-25.el6
- ipa-server-selinux-0:3.0.0-25.el6
- ipa-server-trust-ad-0:3.0.0-25.el6
|
|
refmap
via4
|
|
Last major update |
22-04-2019 - 17:48 |
Published |
03-04-2013 - 00:55 |
Last modified |
22-04-2019 - 17:48 |