Lucene search

[email protected]NVD:CVE-2009-0588

HistoryMay 27, 2009 - 4:30 p.m.

CVE-2009-0588

2009-05-2716:30:01

[email protected]

web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

0.005

Percentile

75.3%

JSON

agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field.

Affected configurations

Nvd

Node

redhatcertificate_systemMatch7.3

redhatdogtag_certificate_system

VendorProductVersionCPE
redhatcertificate_system7.3cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
redhatdogtag_certificate_system*cpe:2.3:a:redhat:dogtag_certificate_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	certificate_system	7.3	cpe:2.3:a:redhat:certificate_system:7.3:::::::*
redhat	dogtag_certificate_system	*	cpe:2.3:a:redhat:dogtag_certificate_system::::::::

References

secunia.com/advisories/35242

secunia.com/advisories/35263

www.redhat.com/support/errata/RHSA-2009-1065.html

www.securityfocus.com/bid/35104

www.securitytracker.com/id?1022278

bugzilla.redhat.com/show_bug.cgi?id=484828

bugzilla.redhat.com/show_bug.cgi?id=488706

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

6.4

Confidence

Low

EPSS

0.005

Percentile

75.3%

JSON

Related for NVD:CVE-2009-0588

cve1 prion1 cvelist1 seebug1