CVE-2012-4546
Last modified
CVE-2012-4546 is a vulnerability of currently unknown severity. The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate.. EPSS estimates a 1.19% chance of exploitation in the next 30 days.
Description
The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Enterprise Linux | 6.0 |
References
- http://rhn.redhat.com/errata/RHSA-2013-0528.htmlVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2013-0528.htmlVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-4546?
How severe is CVE-2012-4546?
How do I fix CVE-2012-4546?
Are you affected by CVE-2012-4546?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST