CVE-2008-1676 - CERT CVE
ID CVE-2008-1676
Sažetak Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.
Reference
CVSS
Base: 7.5
Impact: 6.4
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 13-02-2023 - 02:18
Objavljeno 07-07-2008 - 23:41