CVE-2012-4546

The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists (CRLs) to be used and might allow remote attackers to bypass intended access restrictions via a revoked certificate.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 4.3 UNKNOWN | NETWORK | MEDIUM | | AV:N/AC:M/Au:N/C:N/I:P/A:N |
EPSS Score
Percentile: 38%
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux | 6.0 |
Red Hat Enterprise Linux Releases
| Red Hat Product | Release | | |
|---|---|---|---|
| ipa-admintools | RHEL 6 | 0:3.0.0-25.el6 | fixed |
| ipa-client | RHEL 6 | 0:3.0.0-25.el6 | fixed |
| ipa-python | RHEL 6 | 0:3.0.0-25.el6 | fixed |
| ipa-server | RHEL 6 | 0:3.0.0-25.el6 | fixed |
| ipa-server-selinux | RHEL 6 | 0:3.0.0-25.el6 | fixed |
| ipa-server-trust-ad | RHEL 6 | 0:3.0.0-25.el6 | fixed |
Common Weakness Enumeration