Vulnerability-Lookup

CVE-2012-4543 (GCVE-0-2012-4543)

Vulnerability from cvelistv5 – Published: 2013-01-04 22:00 – Updated: 2024-08-06 20:42

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

RHSA-2013:0511

Vulnerability from csaf_redhat - Published: 2013-02-20 16:18 - Updated: 2025-11-21 17:42

Summary

Red Hat Security Advisory: pki-core security, bug fix and enhancement update

Severity

Moderate

Notes

Topic: Updated pki-core packages that fix multiple security issues, two bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

Details: Red Hat Certificate System is an enterprise software system designed to manage enterprise public key infrastructure (PKI) deployments. PKI Core contains fundamental packages required by Red Hat Certificate System, which comprise the Certificate Authority (CA) subsystem. Note: The Certificate Authority component provided by this advisory cannot be used as a standalone server. It is installed and operates as a part of Identity Management (the IPA component) in Red Hat Enterprise Linux. Multiple cross-site scripting flaws were discovered in Certificate System. An attacker could use these flaws to perform a cross-site scripting (XSS) attack against victims using Certificate System's web interface. (CVE-2012-4543) This update also fixes the following bugs: * Previously, due to incorrect conversion of large integers while generating a new serial number, some of the most significant bits in the serial number were truncated. Consequently, the serial number generated for certificates was sometimes smaller than expected and this incorrect conversion in turn led to a collision if a certificate with the smaller number already existed in the database. This update removes the incorrect integer conversion so that no serial numbers are truncated. As a result, the installation wizard proceeds as expected. (BZ#841663) * The certificate authority used a different profile for issuing the audit certificate than it used for renewing it. The issuing profile was for two years, and the renewal was for six months. They should both be for two years. This update sets the default and constraint parameters in the caSignedLogCert.cfg audit certificate renewal profile to two years. (BZ#844459) This update also adds the following enhancements: * IPA (Identity, Policy and Audit) now provides an improved way to determine that PKI is up and ready to service requests. Checking the service status was not sufficient. This update creates a mechanism for clients to determine that the PKI subsystem is up using the getStatus() function to query the cs.startup_state in CS.cfg. (BZ#858864) * This update increases the default root CA validity period from eight years to twenty years. (BZ#891985) All users of pki-core are advised to upgrade to these updated packages, which fix these issues and add these enhancements.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2012-4543

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Vendor Fix Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://access.redhat.com/errata/RHSA-2013:0511

References

URL

Category

	https://access.redhat.com/errata/RHSA-2013:0511	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=858864	external
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://bugzilla.redhat.com/show_bug.cgi?id=867640	external
	https://bugzilla.redhat.com/show_bug.cgi?id=891985	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2012-4543	self
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://www.cve.org/CVERecord?id=CVE-2012-4543	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4543	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated pki-core packages that fix multiple security issues, two bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System is an enterprise software system designed to\nmanage enterprise public key infrastructure (PKI) deployments. PKI Core\ncontains fundamental packages required by Red Hat Certificate System, which\ncomprise the Certificate Authority (CA) subsystem.\n\nNote: The Certificate Authority component provided by this advisory cannot\nbe used as a standalone server. It is installed and operates as a part of\nIdentity Management (the IPA component) in Red Hat Enterprise Linux.\n\nMultiple cross-site scripting flaws were discovered in Certificate System.\nAn attacker could use these flaws to perform a cross-site scripting (XSS)\nattack against victims using Certificate System\u0027s web interface.\n(CVE-2012-4543)\n\nThis update also fixes the following bugs:\n\n* Previously, due to incorrect conversion of large integers while\ngenerating a new serial number, some of the most significant bits in the\nserial number were truncated. Consequently, the serial number generated for\ncertificates was sometimes smaller than expected and this incorrect\nconversion in turn led to a collision if a certificate with the smaller\nnumber already existed in the database. This update removes the incorrect\ninteger conversion so that no serial numbers are truncated. As a result,\nthe installation wizard proceeds as expected. (BZ#841663)\n\n* The certificate authority used a different profile for issuing the audit\ncertificate than it used for renewing it. The issuing profile was for two\nyears, and the renewal was for six months. They should both be for two\nyears. This update sets the default and constraint parameters in the\ncaSignedLogCert.cfg audit certificate renewal profile to two years.\n(BZ#844459)\n\nThis update also adds the following enhancements:\n\n* IPA (Identity, Policy and Audit) now provides an improved way to\ndetermine that PKI is up and ready to service requests. Checking the\nservice status was not sufficient. This update creates a mechanism for\nclients to determine that the PKI subsystem is up using the getStatus()\nfunction to query the cs.startup_state in CS.cfg. (BZ#858864)\n\n* This update increases the default root CA validity period from eight\nyears to twenty years. (BZ#891985) \n\nAll users of pki-core are advised to upgrade to these updated packages,\nwhich fix these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:0511",
        "url": "https://access.redhat.com/errata/RHSA-2013:0511"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "858864",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=858864"
      },
      {
        "category": "external",
        "summary": "864397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
      },
      {
        "category": "external",
        "summary": "867640",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867640"
      },
      {
        "category": "external",
        "summary": "891985",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891985"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0511.json"
      }
    ],
    "title": "Red Hat Security Advisory: pki-core security, bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2025-11-21T17:42:23+00:00",
      "generator": {
        "date": "2025-11-21T17:42:23+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2013:0511",
      "initial_release_date": "2013-02-20T16:18:00+00:00",
      "revision_history": [
        {
          "date": "2013-02-20T16:18:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-02-20T16:29:34+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:42:23+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-native-tools-0:9.0.3-30.el6.x86_64",
                "product": {
                  "name": "pki-native-tools-0:9.0.3-30.el6.x86_64",
                  "product_id": "pki-native-tools-0:9.0.3-30.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-native-tools@9.0.3-30.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-symkey-0:9.0.3-30.el6.x86_64",
                "product": {
                  "name": "pki-symkey-0:9.0.3-30.el6.x86_64",
                  "product_id": "pki-symkey-0:9.0.3-30.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-symkey@9.0.3-30.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
                "product": {
                  "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
                  "product_id": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-core-debuginfo@9.0.3-30.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-native-tools-0:9.0.3-30.el6.i686",
                "product": {
                  "name": "pki-native-tools-0:9.0.3-30.el6.i686",
                  "product_id": "pki-native-tools-0:9.0.3-30.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-native-tools@9.0.3-30.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-symkey-0:9.0.3-30.el6.i686",
                "product": {
                  "name": "pki-symkey-0:9.0.3-30.el6.i686",
                  "product_id": "pki-symkey-0:9.0.3-30.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-symkey@9.0.3-30.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
                "product": {
                  "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
                  "product_id": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-core-debuginfo@9.0.3-30.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-setup-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-setup-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-setup-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-setup@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-selinux-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-selinux-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-selinux-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-selinux@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-util-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-util-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-util-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-util@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-common-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-common-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-common-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-java-tools-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-java-tools-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-java-tools-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-java-tools@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-ca-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-ca-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-ca-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-ca@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-silent-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-silent-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-silent-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-silent@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-java-tools-javadoc@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-util-javadoc@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common-javadoc@9.0.3-30.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-core-0:9.0.3-30.el6.src",
                "product": {
                  "name": "pki-core-0:9.0.3-30.el6.src",
                  "product_id": "pki-core-0:9.0.3-30.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-core@9.0.3-30.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-4543",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2012-10-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "864397"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-core-0:9.0.3-30.el6.src",
          "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
          "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-core-0:9.0.3-30.el6.src",
          "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Server:pki-ca-0:9.0.3-30.el6.noarch",
          "6Server:pki-common-0:9.0.3-30.el6.noarch",
          "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Server:pki-core-0:9.0.3-30.el6.src",
          "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Server:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Server:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Server:pki-setup-0:9.0.3-30.el6.noarch",
          "6Server:pki-silent-0:9.0.3-30.el6.noarch",
          "6Server:pki-symkey-0:9.0.3-30.el6.i686",
          "6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Server:pki-util-0:9.0.3-30.el6.noarch",
          "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
          "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-common-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-core-0:9.0.3-30.el6.src",
          "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
          "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Workstation:pki-util-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "RHBZ#864397",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4543",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-02-20T16:18:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-core-0:9.0.3-30.el6.src",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-core-0:9.0.3-30.el6.src",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-core-0:9.0.3-30.el6.src",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server:pki-util-0:9.0.3-30.el6.noarch",
            "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-core-0:9.0.3-30.el6.src",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0511"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-core-0:9.0.3-30.el6.src",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-core-0:9.0.3-30.el6.src",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-core-0:9.0.3-30.el6.src",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server:pki-util-0:9.0.3-30.el6.noarch",
            "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-core-0:9.0.3-30.el6.src",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile"
    }
  ]
}

RHSA-2012_1550

Vulnerability from csaf_redhat - Published: 2012-12-06 20:22 - Updated: 2024-11-22 05:49

Summary

Red Hat Security Advisory: pki security update

Severity

Moderate

Notes

Topic: Updated pki-common and pki-tps packages that fix multiple security issues are now available for Red Hat Certificate System 8.1. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details: Red Hat Certificate System (RHCS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. Multiple cross-site scripting flaws were discovered in the Red Hat Certificate System. An attacker could use these flaws to perform a cross-site scripting (XSS) attack against victims using Certificate System's web interface. (CVE-2012-4543) Multiple denial of service flaws were found in the Red Hat Certificate System token processing. A Certificate System user could use these flaws to crash the Apache httpd web server child process, possibly interrupting the processing of other users' requests. (CVE-2012-4555, CVE-2012-4556) Red Hat would like to thank Patrick Raspante and Ryan Millay of GDC4S for reporting the CVE-2012-4555 and CVE-2012-4556 issues. All users of Red Hat Certificate System are advised to upgrade to these updated packages, which correct these issues. After installing this update, all Red Hat Certificate System subsystems must be restarted ("/etc/init.d /[instance-name] restart") for the update to take effect.

CVE-2012-4543

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2012-4555

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.

1.7 ()


                        
                          AV:L/AC:L/Au:S/C:N/I:N/A:P

CVE-2012-4556

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.

4.0 ()


                        
                          AV:N/AC:L/Au:S/C:N/I:N/A:P

References

URL

Category

	https://access.redhat.com/errata/RHSA-2012:1550	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://bugzilla.redhat.com/show_bug.cgi?id=869570	external
	https://bugzilla.redhat.com/show_bug.cgi?id=869579	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2012-4543	self
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://www.cve.org/CVERecord?id=CVE-2012-4543	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4543	external
	https://access.redhat.com/security/cve/CVE-2012-4555	self
	https://bugzilla.redhat.com/show_bug.cgi?id=869570	external
	https://www.cve.org/CVERecord?id=CVE-2012-4555	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4555	external
	https://access.redhat.com/security/cve/CVE-2012-4556	self
	https://bugzilla.redhat.com/show_bug.cgi?id=869579	external
	https://www.cve.org/CVERecord?id=CVE-2012-4556	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4556	external

Acknowledgments

Patrick Raspante

GDC4S Ryan Millay

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated pki-common and pki-tps packages that fix multiple security issues\nare now available for Red Hat Certificate System 8.1.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System (RHCS) is an enterprise software system designed\nto manage enterprise Public Key Infrastructure (PKI) deployments.\n\nMultiple cross-site scripting flaws were discovered in the Red Hat\nCertificate System. An attacker could use these flaws to perform a\ncross-site scripting (XSS) attack against victims using Certificate\nSystem\u0027s web interface. (CVE-2012-4543)\n\nMultiple denial of service flaws were found in the Red Hat Certificate\nSystem token processing. A Certificate System user could use these flaws\nto crash the Apache httpd web server child process, possibly interrupting\nthe processing of other users\u0027 requests. (CVE-2012-4555, CVE-2012-4556)\n\nRed Hat would like to thank Patrick Raspante and Ryan Millay of GDC4S for\nreporting the CVE-2012-4555 and CVE-2012-4556 issues.\n\nAll users of Red Hat Certificate System are advised to upgrade to these\nupdated packages, which correct these issues. After installing this update,\nall Red Hat Certificate System subsystems must be restarted (\"/etc/init.d\n/[instance-name] restart\") for the update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2012:1550",
        "url": "https://access.redhat.com/errata/RHSA-2012:1550"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "864397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
      },
      {
        "category": "external",
        "summary": "869570",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869570"
      },
      {
        "category": "external",
        "summary": "869579",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869579"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1550.json"
      }
    ],
    "title": "Red Hat Security Advisory: pki security update",
    "tracking": {
      "current_release_date": "2024-11-22T05:49:10+00:00",
      "generator": {
        "date": "2024-11-22T05:49:10+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2012:1550",
      "initial_release_date": "2012-12-06T20:22:00+00:00",
      "revision_history": [
        {
          "date": "2012-12-06T20:22:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2012-12-06T20:31:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T05:49:10+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 8",
                "product": {
                  "name": "Red Hat Certificate System 8",
                  "product_id": "5Server-RHCertSystem",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:8::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Certificate System"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
                "product": {
                  "name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
                  "product_id": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common-javadoc@8.1.3-2.el5pki?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-common-0:8.1.3-2.el5pki.noarch",
                "product": {
                  "name": "pki-common-0:8.1.3-2.el5pki.noarch",
                  "product_id": "pki-common-0:8.1.3-2.el5pki.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common@8.1.3-2.el5pki?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-common-0:8.1.3-2.el5pki.src",
                "product": {
                  "name": "pki-common-0:8.1.3-2.el5pki.src",
                  "product_id": "pki-common-0:8.1.3-2.el5pki.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common@8.1.3-2.el5pki?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-tps-0:8.1.3-2.el5pki.src",
                "product": {
                  "name": "pki-tps-0:8.1.3-2.el5pki.src",
                  "product_id": "pki-tps-0:8.1.3-2.el5pki.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-tps-0:8.1.3-2.el5pki.i386",
                "product": {
                  "name": "pki-tps-0:8.1.3-2.el5pki.i386",
                  "product_id": "pki-tps-0:8.1.3-2.el5pki.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-tps-0:8.1.3-2.el5pki.x86_64",
                "product": {
                  "name": "pki-tps-0:8.1.3-2.el5pki.x86_64",
                  "product_id": "pki-tps-0:8.1.3-2.el5pki.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:8.1.3-2.el5pki.noarch as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch"
        },
        "product_reference": "pki-common-0:8.1.3-2.el5pki.noarch",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:8.1.3-2.el5pki.src as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src"
        },
        "product_reference": "pki-common-0:8.1.3-2.el5pki.src",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch"
        },
        "product_reference": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-tps-0:8.1.3-2.el5pki.i386 as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386"
        },
        "product_reference": "pki-tps-0:8.1.3-2.el5pki.i386",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-tps-0:8.1.3-2.el5pki.src as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src"
        },
        "product_reference": "pki-tps-0:8.1.3-2.el5pki.src",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-tps-0:8.1.3-2.el5pki.x86_64 as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        },
        "product_reference": "pki-tps-0:8.1.3-2.el5pki.x86_64",
        "relates_to_product_reference": "5Server-RHCertSystem"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-4543",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2012-10-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "864397"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "RHBZ#864397",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4543",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-12-06T20:22:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:1550"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Patrick Raspante"
          ]
        },
        {
          "names": [
            "Ryan Millay"
          ],
          "organization": "GDC4S"
        }
      ],
      "cve": "CVE-2012-4555",
      "discovery_date": "2012-10-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "869570"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pki-tps: Temporary denial of service on interrupted token format operations",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4555"
        },
        {
          "category": "external",
          "summary": "RHBZ#869570",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869570"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4555",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4555"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4555",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4555"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-12-06T20:22:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:1550"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 1.7,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "pki-tps: Temporary denial of service on interrupted token format operations"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Patrick Raspante"
          ]
        },
        {
          "names": [
            "Ryan Millay"
          ],
          "organization": "GDC4S"
        }
      ],
      "cve": "CVE-2012-4556",
      "discovery_date": "2012-10-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "869579"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pki-tps: Connection reset when performing empty certificate search in TPS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4556"
        },
        {
          "category": "external",
          "summary": "RHBZ#869579",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869579"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4556",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4556"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4556",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4556"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-12-06T20:22:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:1550"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "pki-tps: Connection reset when performing empty certificate search in TPS"
    }
  ]
}

RHSA-2013_0511

Vulnerability from csaf_redhat - Published: 2013-02-20 16:18 - Updated: 2024-11-22 05:49

Summary

Red Hat Security Advisory: pki-core security, bug fix and enhancement update

Severity

Moderate

Notes

CVE-2012-4543

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

References

URL

Category

	https://access.redhat.com/errata/RHSA-2013:0511	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=858864	external
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://bugzilla.redhat.com/show_bug.cgi?id=867640	external
	https://bugzilla.redhat.com/show_bug.cgi?id=891985	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2012-4543	self
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://www.cve.org/CVERecord?id=CVE-2012-4543	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4543	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated pki-core packages that fix multiple security issues, two bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System is an enterprise software system designed to\nmanage enterprise public key infrastructure (PKI) deployments. PKI Core\ncontains fundamental packages required by Red Hat Certificate System, which\ncomprise the Certificate Authority (CA) subsystem.\n\nNote: The Certificate Authority component provided by this advisory cannot\nbe used as a standalone server. It is installed and operates as a part of\nIdentity Management (the IPA component) in Red Hat Enterprise Linux.\n\nMultiple cross-site scripting flaws were discovered in Certificate System.\nAn attacker could use these flaws to perform a cross-site scripting (XSS)\nattack against victims using Certificate System\u0027s web interface.\n(CVE-2012-4543)\n\nThis update also fixes the following bugs:\n\n* Previously, due to incorrect conversion of large integers while\ngenerating a new serial number, some of the most significant bits in the\nserial number were truncated. Consequently, the serial number generated for\ncertificates was sometimes smaller than expected and this incorrect\nconversion in turn led to a collision if a certificate with the smaller\nnumber already existed in the database. This update removes the incorrect\ninteger conversion so that no serial numbers are truncated. As a result,\nthe installation wizard proceeds as expected. (BZ#841663)\n\n* The certificate authority used a different profile for issuing the audit\ncertificate than it used for renewing it. The issuing profile was for two\nyears, and the renewal was for six months. They should both be for two\nyears. This update sets the default and constraint parameters in the\ncaSignedLogCert.cfg audit certificate renewal profile to two years.\n(BZ#844459)\n\nThis update also adds the following enhancements:\n\n* IPA (Identity, Policy and Audit) now provides an improved way to\ndetermine that PKI is up and ready to service requests. Checking the\nservice status was not sufficient. This update creates a mechanism for\nclients to determine that the PKI subsystem is up using the getStatus()\nfunction to query the cs.startup_state in CS.cfg. (BZ#858864)\n\n* This update increases the default root CA validity period from eight\nyears to twenty years. (BZ#891985) \n\nAll users of pki-core are advised to upgrade to these updated packages,\nwhich fix these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:0511",
        "url": "https://access.redhat.com/errata/RHSA-2013:0511"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "858864",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=858864"
      },
      {
        "category": "external",
        "summary": "864397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
      },
      {
        "category": "external",
        "summary": "867640",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867640"
      },
      {
        "category": "external",
        "summary": "891985",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891985"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0511.json"
      }
    ],
    "title": "Red Hat Security Advisory: pki-core security, bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T05:49:13+00:00",
      "generator": {
        "date": "2024-11-22T05:49:13+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2013:0511",
      "initial_release_date": "2013-02-20T16:18:00+00:00",
      "revision_history": [
        {
          "date": "2013-02-20T16:18:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-02-20T16:29:34+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T05:49:13+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-native-tools-0:9.0.3-30.el6.x86_64",
                "product": {
                  "name": "pki-native-tools-0:9.0.3-30.el6.x86_64",
                  "product_id": "pki-native-tools-0:9.0.3-30.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-native-tools@9.0.3-30.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-symkey-0:9.0.3-30.el6.x86_64",
                "product": {
                  "name": "pki-symkey-0:9.0.3-30.el6.x86_64",
                  "product_id": "pki-symkey-0:9.0.3-30.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-symkey@9.0.3-30.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
                "product": {
                  "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
                  "product_id": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-core-debuginfo@9.0.3-30.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-native-tools-0:9.0.3-30.el6.i686",
                "product": {
                  "name": "pki-native-tools-0:9.0.3-30.el6.i686",
                  "product_id": "pki-native-tools-0:9.0.3-30.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-native-tools@9.0.3-30.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-symkey-0:9.0.3-30.el6.i686",
                "product": {
                  "name": "pki-symkey-0:9.0.3-30.el6.i686",
                  "product_id": "pki-symkey-0:9.0.3-30.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-symkey@9.0.3-30.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
                "product": {
                  "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
                  "product_id": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-core-debuginfo@9.0.3-30.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-setup-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-setup-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-setup-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-setup@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-selinux-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-selinux-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-selinux-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-selinux@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-util-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-util-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-util-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-util@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-common-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-common-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-common-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-java-tools-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-java-tools-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-java-tools-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-java-tools@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-ca-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-ca-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-ca-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-ca@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-silent-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-silent-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-silent-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-silent@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-java-tools-javadoc@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-util-javadoc@9.0.3-30.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
                "product": {
                  "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
                  "product_id": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common-javadoc@9.0.3-30.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-core-0:9.0.3-30.el6.src",
                "product": {
                  "name": "pki-core-0:9.0.3-30.el6.src",
                  "product_id": "pki-core-0:9.0.3-30.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-core@9.0.3-30.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Client-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6ComputeNode-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation-optional"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-ca-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-common-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-core-0:9.0.3-30.el6.src"
        },
        "product_reference": "pki-core-0:9.0.3-30.el6.src",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-setup-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-silent-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-symkey-0:9.0.3-30.el6.i686"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64"
        },
        "product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-util-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        },
        "product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-4543",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2012-10-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "864397"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-core-0:9.0.3-30.el6.src",
          "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
          "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-core-0:9.0.3-30.el6.src",
          "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Server:pki-ca-0:9.0.3-30.el6.noarch",
          "6Server:pki-common-0:9.0.3-30.el6.noarch",
          "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Server:pki-core-0:9.0.3-30.el6.src",
          "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Server:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Server:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Server:pki-setup-0:9.0.3-30.el6.noarch",
          "6Server:pki-silent-0:9.0.3-30.el6.noarch",
          "6Server:pki-symkey-0:9.0.3-30.el6.i686",
          "6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Server:pki-util-0:9.0.3-30.el6.noarch",
          "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
          "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
          "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
          "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-common-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-core-0:9.0.3-30.el6.src",
          "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
          "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
          "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
          "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
          "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
          "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
          "6Workstation:pki-util-0:9.0.3-30.el6.noarch",
          "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "RHBZ#864397",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4543",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-02-20T16:18:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-core-0:9.0.3-30.el6.src",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-core-0:9.0.3-30.el6.src",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-core-0:9.0.3-30.el6.src",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server:pki-util-0:9.0.3-30.el6.noarch",
            "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-core-0:9.0.3-30.el6.src",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0511"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-core-0:9.0.3-30.el6.src",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-core-0:9.0.3-30.el6.src",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-ca-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-0:9.0.3-30.el6.noarch",
            "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-core-0:9.0.3-30.el6.src",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Server:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Server:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Server:pki-setup-0:9.0.3-30.el6.noarch",
            "6Server:pki-silent-0:9.0.3-30.el6.noarch",
            "6Server:pki-symkey-0:9.0.3-30.el6.i686",
            "6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Server:pki-util-0:9.0.3-30.el6.noarch",
            "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-core-0:9.0.3-30.el6.src",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
            "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
            "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
            "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
            "6Workstation:pki-util-0:9.0.3-30.el6.noarch",
            "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile"
    }
  ]
}

RHSA-2012:1550

Vulnerability from csaf_redhat - Published: 2012-12-06 20:22 - Updated: 2025-11-21 17:41

Summary

Red Hat Security Advisory: pki security update

Severity

Moderate

Notes

CVE-2012-4543

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2012-4555

1.7 ()


                        
                          AV:L/AC:L/Au:S/C:N/I:N/A:P

CVE-2012-4556

4.0 ()


                        
                          AV:N/AC:L/Au:S/C:N/I:N/A:P

References

URL

Category

	https://access.redhat.com/errata/RHSA-2012:1550	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://bugzilla.redhat.com/show_bug.cgi?id=869570	external
	https://bugzilla.redhat.com/show_bug.cgi?id=869579	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2012-4543	self
	https://bugzilla.redhat.com/show_bug.cgi?id=864397	external
	https://www.cve.org/CVERecord?id=CVE-2012-4543	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4543	external
	https://access.redhat.com/security/cve/CVE-2012-4555	self
	https://bugzilla.redhat.com/show_bug.cgi?id=869570	external
	https://www.cve.org/CVERecord?id=CVE-2012-4555	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4555	external
	https://access.redhat.com/security/cve/CVE-2012-4556	self
	https://bugzilla.redhat.com/show_bug.cgi?id=869579	external
	https://www.cve.org/CVERecord?id=CVE-2012-4556	external
	https://nvd.nist.gov/vuln/detail/CVE-2012-4556	external

Acknowledgments

Patrick Raspante

GDC4S Ryan Millay

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated pki-common and pki-tps packages that fix multiple security issues\nare now available for Red Hat Certificate System 8.1.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Certificate System (RHCS) is an enterprise software system designed\nto manage enterprise Public Key Infrastructure (PKI) deployments.\n\nMultiple cross-site scripting flaws were discovered in the Red Hat\nCertificate System. An attacker could use these flaws to perform a\ncross-site scripting (XSS) attack against victims using Certificate\nSystem\u0027s web interface. (CVE-2012-4543)\n\nMultiple denial of service flaws were found in the Red Hat Certificate\nSystem token processing. A Certificate System user could use these flaws\nto crash the Apache httpd web server child process, possibly interrupting\nthe processing of other users\u0027 requests. (CVE-2012-4555, CVE-2012-4556)\n\nRed Hat would like to thank Patrick Raspante and Ryan Millay of GDC4S for\nreporting the CVE-2012-4555 and CVE-2012-4556 issues.\n\nAll users of Red Hat Certificate System are advised to upgrade to these\nupdated packages, which correct these issues. After installing this update,\nall Red Hat Certificate System subsystems must be restarted (\"/etc/init.d\n/[instance-name] restart\") for the update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2012:1550",
        "url": "https://access.redhat.com/errata/RHSA-2012:1550"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "864397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
      },
      {
        "category": "external",
        "summary": "869570",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869570"
      },
      {
        "category": "external",
        "summary": "869579",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869579"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1550.json"
      }
    ],
    "title": "Red Hat Security Advisory: pki security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:41:40+00:00",
      "generator": {
        "date": "2025-11-21T17:41:40+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2012:1550",
      "initial_release_date": "2012-12-06T20:22:00+00:00",
      "revision_history": [
        {
          "date": "2012-12-06T20:22:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2012-12-06T20:31:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:41:40+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Certificate System 8",
                "product": {
                  "name": "Red Hat Certificate System 8",
                  "product_id": "5Server-RHCertSystem",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:certificate_system:8::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Certificate System"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
                "product": {
                  "name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
                  "product_id": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common-javadoc@8.1.3-2.el5pki?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-common-0:8.1.3-2.el5pki.noarch",
                "product": {
                  "name": "pki-common-0:8.1.3-2.el5pki.noarch",
                  "product_id": "pki-common-0:8.1.3-2.el5pki.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common@8.1.3-2.el5pki?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-common-0:8.1.3-2.el5pki.src",
                "product": {
                  "name": "pki-common-0:8.1.3-2.el5pki.src",
                  "product_id": "pki-common-0:8.1.3-2.el5pki.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-common@8.1.3-2.el5pki?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pki-tps-0:8.1.3-2.el5pki.src",
                "product": {
                  "name": "pki-tps-0:8.1.3-2.el5pki.src",
                  "product_id": "pki-tps-0:8.1.3-2.el5pki.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-tps-0:8.1.3-2.el5pki.i386",
                "product": {
                  "name": "pki-tps-0:8.1.3-2.el5pki.i386",
                  "product_id": "pki-tps-0:8.1.3-2.el5pki.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pki-tps-0:8.1.3-2.el5pki.x86_64",
                "product": {
                  "name": "pki-tps-0:8.1.3-2.el5pki.x86_64",
                  "product_id": "pki-tps-0:8.1.3-2.el5pki.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:8.1.3-2.el5pki.noarch as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch"
        },
        "product_reference": "pki-common-0:8.1.3-2.el5pki.noarch",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-0:8.1.3-2.el5pki.src as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src"
        },
        "product_reference": "pki-common-0:8.1.3-2.el5pki.src",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch"
        },
        "product_reference": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-tps-0:8.1.3-2.el5pki.i386 as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386"
        },
        "product_reference": "pki-tps-0:8.1.3-2.el5pki.i386",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-tps-0:8.1.3-2.el5pki.src as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src"
        },
        "product_reference": "pki-tps-0:8.1.3-2.el5pki.src",
        "relates_to_product_reference": "5Server-RHCertSystem"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pki-tps-0:8.1.3-2.el5pki.x86_64 as a component of Red Hat Certificate System 8",
          "product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        },
        "product_reference": "pki-tps-0:8.1.3-2.el5pki.x86_64",
        "relates_to_product_reference": "5Server-RHCertSystem"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-4543",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2012-10-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "864397"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "RHBZ#864397",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4543",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4543"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-12-06T20:22:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:1550"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Patrick Raspante"
          ]
        },
        {
          "names": [
            "Ryan Millay"
          ],
          "organization": "GDC4S"
        }
      ],
      "cve": "CVE-2012-4555",
      "discovery_date": "2012-10-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "869570"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pki-tps: Temporary denial of service on interrupted token format operations",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4555"
        },
        {
          "category": "external",
          "summary": "RHBZ#869570",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869570"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4555",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4555"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4555",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4555"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-12-06T20:22:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:1550"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 1.7,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "pki-tps: Temporary denial of service on interrupted token format operations"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Patrick Raspante"
          ]
        },
        {
          "names": [
            "Ryan Millay"
          ],
          "organization": "GDC4S"
        }
      ],
      "cve": "CVE-2012-4556",
      "discovery_date": "2012-10-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "869579"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pki-tps: Connection reset when performing empty certificate search in TPS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
          "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-4556"
        },
        {
          "category": "external",
          "summary": "RHBZ#869579",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869579"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4556",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-4556"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4556",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4556"
        }
      ],
      "release_date": "2012-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2012-12-06T20:22:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2012:1550"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
            "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "pki-tps: Connection reset when performing empty certificate search in TPS"
    }
  ]
}

FKIE_CVE-2012-4543

Vulnerability from fkie_nvd - Published: 2013-01-04 22:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-1550.html	Vendor Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-0511.html
secalert@redhat.com	http://secunia.com/advisories/51482	Vendor Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/56843
secalert@redhat.com	http://www.securitytracker.com/id?1027846
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=864397
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1550.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-0511.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51482	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/56843
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027846
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=864397

Impacted products

Vendor	Product	Version
redhat	certificate_system	*
redhat	certificate_system	7.1
redhat	certificate_system	7.2
redhat	certificate_system	7.3
redhat	certificate_system	8
redhat	certificate_system	8.0
redhat	certificate_system	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AAB4016-809B-4BF9-875C-18B261050AA9",
              "versionEndIncluding": "8.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94B7103-11B7-4B1E-AE02-86210F9CCCAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27FE079E-FB15-443C-BE2E-1D4C940BB8C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2654E6A-190C-4D5C-ABC0-89011DD8E293",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2EF75FF-FCDB-433C-A7B9-4DBAABAC6643",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "969F1FDC-EB66-4758-B619-C48CA1E5B1AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25F5AA3E-5776-4B66-A2B7-78A95C37581A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Red Hat Certificate System (RHCS) anteriores a v8.1.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de(1) pageStart o (2) pageSize sobre el script displayCRL, o (3) variable nonce sobre sobre el script profileProcess."
    }
  ],
  "id": "CVE-2012-4543",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-04T22:55:01.930",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/51482"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/56843"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1027846"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/51482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/56843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3RG2-G53J-XH7W

Vulnerability from github – Published: 2022-05-17 05:14 – Updated: 2022-05-17 05:14

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-4543"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-01-04T22:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
  "id": "GHSA-3rg2-g53j-xh7w",
  "modified": "2022-05-17T05:14:01Z",
  "published": "2022-05-17T05:14:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/51482"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/56843"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1027846"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2012-4543

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-4543

Aliases

CVE-2012-4543

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-4543",
    "description": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
    "id": "GSD-2012-4543",
    "references": [
      "https://access.redhat.com/errata/RHSA-2013:0511",
      "https://access.redhat.com/errata/RHSA-2012:1550",
      "https://linux.oracle.com/cve/CVE-2012-4543.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-4543"
      ],
      "details": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
      "id": "GSD-2012-4543",
      "modified": "2023-12-13T01:20:14.912139Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2012-4543",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=864397",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
          },
          {
            "name": "1027846",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1027846"
          },
          {
            "name": "RHSA-2012:1550",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
          },
          {
            "name": "51482",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/51482"
          },
          {
            "name": "56843",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/56843"
          },
          {
            "name": "RHSA-2013:0511",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.1.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-4543"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2012:1550",
              "refsource": "REDHAT",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
            },
            {
              "name": "1027846",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1027846"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=864397",
              "refsource": "MISC",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
            },
            {
              "name": "51482",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/51482"
            },
            {
              "name": "56843",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/56843"
            },
            {
              "name": "RHSA-2013:0511",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2013-03-08T04:09Z",
      "publishedDate": "2013-01-04T22:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-4543 (GCVE-0-2012-4543)

RHSA-2013:0511

RHSA-2012_1550

RHSA-2013_0511

RHSA-2012:1550

FKIE_CVE-2012-4543

GHSA-3RG2-G53J-XH7W

GSD-2012-4543

Tags

Sightings

Nomenclature