Lucene search
HistoryApr 02, 2013 - 10:55 p.m.
CVE-2012-6119
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.
Affected configurations
Node
candlepinprojectcandlepinRange≤0.7.2
ORcandlepinprojectcandlepinMatch0.4.5
ORcandlepinprojectcandlepinMatch0.4.11
ORcandlepinprojectcandlepinMatch0.4.27
ORcandlepinprojectcandlepinMatch0.5.5
ORcandlepinprojectcandlepinMatch0.6.3
ORredhatsubscription_asset_managerRange≤1.2.0
ORredhatsubscription_asset_managerMatch1.0.0
ORredhatsubscription_asset_managerMatch1.1.0
Related
cvelist
cvelist
CVE-2012-6119
2013-04-02 22:00:00
cve
cve
CVE-2012-6119
2013-04-02 22:55:01
prion
prion
Code injection
2013-04-02 22:55:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:44:25
Input Validation Bypass
2019-05-02 04:44:16
nessus
nessus
RHEL 6 : Subscription Asset Manager (RHSA-2013:0686)
2013-04-10 00:00:00
redhat
redhat
(RHSA-2013:0686) Moderate: Subscription Asset Manager 1.2.1 update
2013-03-26 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2012-6119