Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4543

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4543
Last Modified 07 Mar 2013 11:09:37
Published 04 Jan 2013 05:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4543

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.

Vulnerable Systems

Application

  • Redhat Certificate System 7.1

  • Redhat Certificate System 7.2

  • Redhat Certificate System 7.3

  • Redhat Certificate System 8

  • Redhat Certificate System 8.0

  • Redhat Certificate System 8.1

  • Redhat Certificate System 8.1.1


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=864397

SECTRACK - 1027846

BID - 56843

SECUNIA - 51482

REDHAT - RHSA-2012:1550

REDHAT - RHSA-2013:0511


Last Updated: 27 May 2016 10:56:40