CVE-2012-2662

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Affected Products (NVD)
VendorProductVersion
redhatcertificate_system
𝑥
≤ 8.1
redhatcertificate_system
7.1
redhatcertificate_system
7.2
redhatcertificate_system
7.3
redhatcertificate_system
8.0
redhatdogtag_certificate_system
*
𝑥
= Vulnerable software versions
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
pki-ca
RHEL 6
0:9.0.3-43.el6
fixed
pki-common
RHEL 6
0:9.0.3-43.el6
fixed
pki-common-javadoc
RHEL 6
0:9.0.3-43.el6
fixed
pki-java-tools
RHEL 6
0:9.0.3-43.el6
fixed
pki-java-tools-javadoc
RHEL 6
0:9.0.3-43.el6
fixed
pki-native-tools
RHEL 6
0:9.0.3-43.el6
fixed
pki-selinux
RHEL 6
0:9.0.3-43.el6
fixed
pki-setup
RHEL 6
0:9.0.3-43.el6
fixed
pki-silent
RHEL 6
0:9.0.3-43.el6
fixed
pki-symkey
RHEL 6
0:9.0.3-43.el6
fixed
pki-util
RHEL 6
0:9.0.3-43.el6
fixed
pki-util-javadoc
RHEL 6
0:9.0.3-43.el6
fixed
Common Weakness Enumeration
References
http://osvdb.org/84099
http://rhn.redhat.com/errata/RHSA-2012-1103.html
http://rhn.redhat.com/errata/RHSA-2015-1347.html
http://secunia.com/advisories/50013
http://www.securityfocus.com/bid/54608
http://www.securitytracker.com/id?1027284
https://exchange.xforce.ibmcloud.com/vulnerabilities/77101
http://osvdb.org/84099
http://rhn.redhat.com/errata/RHSA-2012-1103.html
http://rhn.redhat.com/errata/RHSA-2015-1347.html
http://secunia.com/advisories/50013
http://www.securityfocus.com/bid/54608
http://www.securitytracker.com/id?1027284
https://exchange.xforce.ibmcloud.com/vulnerabilities/77101