CVE-2008-1676

Published Jul 7, 2008

Last updated 2 years ago

Overview

Description: Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-255

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A94B7103-11B7-4B1E-AE02-86210F9CCCAA"
          },
          {
            "criteria": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "27FE079E-FB15-443C-BE2E-1D4C940BB8C0"
          },
          {
            "criteria": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E2654E6A-190C-4D5C-ABC0-89011DD8E293"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netscape:certificate_management_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "946E7D94-5FD5-40C2-B67A-14C0D13CDDAB",
            "versionEndIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:a:netscape:certificate_management_system:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D852DF7-F08A-4EAC-B7BB-D3384CA0B9B9"
          },
          {
            "criteria": "cpe:2.3:a:netscape:certificate_management_system:6.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DD96E83-2151-4AFE-B3B3-E9CCF69D4B77"
          },
          {
            "criteria": "cpe:2.3:a:netscape:certificate_management_system:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3F95B08-2AC6-4452-9BA3-26C80D3FABE7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References