CVE-2012-4546

The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate.
References
Link Resource
http://rhn.redhat.com/errata/RHSA-2013-0528.html Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-04-03 00:55

Updated : 2024-02-28 12:00


NVD link : CVE-2012-4546

Mitre link : CVE-2012-4546

CVE.ORG link : CVE-2012-4546


JSON object : View

Products Affected

redhat

  • enterprise_linux
CWE
CWE-16

Configuration