RedHatRHSA-2022:7077(RHSA-2022:7077) Moderate: Red Hat Certificate System 9.7 CVE bug fix update
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
12.6%
The Public Key Infrastructure (PKI) Core contains fundamental packages
required by Red Hat Certificate System.
Security Fix(es):
- CVE-2022-2393 pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field [rhcs_9.7] [BZ #2111493]
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | noarch | pki-tks | < 10.5.18-23.el7pki | pki-tks-10.5.18-23.el7pki.noarch.rpm |
| RedHat | 7 | x86_64 | pki-tps | < 10.5.18-23.el7pki | pki-tps-10.5.18-23.el7pki.x86_64.rpm |
| RedHat | 7 | x86_64 | pki-core-debuginfo | < 10.5.18-23.el7pki | pki-core-debuginfo-10.5.18-23.el7pki.x86_64.rpm |
| RedHat | 7 | noarch | pki-ocsp | < 10.5.18-23.el7pki | pki-ocsp-10.5.18-23.el7pki.noarch.rpm |
| RedHat | 7 | noarch | redhat-pki-server-theme | < 10.5.18-15.el7pki | redhat-pki-server-theme-10.5.18-15.el7pki.noarch.rpm |
| RedHat | 7 | noarch | redhat-pki-console-theme | < 10.5.18-15.el7pki | redhat-pki-console-theme-10.5.18-15.el7pki.noarch.rpm |
Related
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
12.6%