CVE-2010-3869

Severity

40%

Complexity

80%

Confidentiality

48%

Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN.

Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN.

CVSS 2.0 Base Score 4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:P/A:N).

Overview

Type

Red

First reported 14 years ago

2010-11-17 16:00:00

Last updated 14 years ago

2010-11-18 05:00:00

Affected Software

Red Hat Certificate System 7.3

7.3

Red Hat Certificate System 8

8

Redhat Dogtag Certificate System

References

42181

Vendor Advisory

1024697

69148

https://bugzilla.redhat.com/show_bug.cgi?id=648883

https://fedorahosted.org/pki/changeset/1246

Patch

RHSA-2010:0837

Vendor Advisory

RHSA-2010:0838

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.