CVE-2012-3367 - Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check

CVE-2012-3367

Summary

Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.

References

Vulnerable Configurations

cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:dogtag_certificate_system:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:dogtag_certificate_system:*:*:*:*:*:*:*:*

CVSS

Base:	5.5 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:P/A:P

redhat via4

advisories

rhsa

id	RHSA-2012:1103

rpms

pki-common-0:8.1.1-1.el5pki
pki-common-javadoc-0:8.1.1-1.el5pki
pki-tps-0:8.1.1-1.el5pki
pki-util-0:8.1.1-1.el5pki
pki-util-javadoc-0:8.1.1-1.el5pki

refmap via4

bid	54608
confirm	https://bugzilla.redhat.com/show_bug.cgi?id=836268 https://fedorahosted.org/pki/changeset/2430
osvdb	84098
sectrack	1027284
secunia	50013
xf	rhcs-certificate-manager-sec-bypass(77102)

Last major update

29-08-2017 - 01:31

Published

13-08-2012 - 20:55

Last modified

29-08-2017 - 01:31