Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4546

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-4546
Last Modified 03 Apr 2013 12:00:00
Published 02 Apr 2013 08:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4546

Summary

The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 6


References

REDHAT - RHSA-2013:0528


Last Updated: 27 May 2016 10:44:50