Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2012-4543 (GCVE-0-2012-4543)
Vulnerability from cvelistv5
Published
2013-01-04 22:00
Modified
2024-08-06 20:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:55.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"name": "1027846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027846"
},
{
"name": "RHSA-2012:1550",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"name": "51482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51482"
},
{
"name": "56843",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56843"
},
{
"name": "RHSA-2013:0511",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-08T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"name": "1027846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027846"
},
{
"name": "RHSA-2012:1550",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"name": "51482",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51482"
},
{
"name": "56843",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56843"
},
{
"name": "RHSA-2013:0511",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=864397",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"name": "1027846",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027846"
},
{
"name": "RHSA-2012:1550",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"name": "51482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51482"
},
{
"name": "56843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56843"
},
{
"name": "RHSA-2013:0511",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4543",
"datePublished": "2013-01-04T22:00:00",
"dateReserved": "2012-08-21T00:00:00",
"dateUpdated": "2024-08-06T20:42:55.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2012-4543\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-01-04T22:55:01.930\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Red Hat Certificate System (RHCS) anteriores a v8.1.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de(1) pageStart o (2) pageSize sobre el script displayCRL, o (3) variable nonce sobre sobre el script profileProcess.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.1.1\",\"matchCriteriaId\":\"0AAB4016-809B-4BF9-875C-18B261050AA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A94B7103-11B7-4B1E-AE02-86210F9CCCAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27FE079E-FB15-443C-BE2E-1D4C940BB8C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2654E6A-190C-4D5C-ABC0-89011DD8E293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2EF75FF-FCDB-433C-A7B9-4DBAABAC6643\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"969F1FDC-EB66-4758-B619-C48CA1E5B1AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25F5AA3E-5776-4B66-A2B7-78A95C37581A\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1550.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0511.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/51482\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/56843\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1027846\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=864397\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1550.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0511.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/51482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/56843\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1027846\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=864397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
rhsa-2013:0511
Vulnerability from csaf_redhat
Published
2013-02-20 16:18
Modified
2024-11-22 05:49
Summary
Red Hat Security Advisory: pki-core security, bug fix and enhancement update
Notes
Topic
Updated pki-core packages that fix multiple security issues, two bugs, and
add various enhancements are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
Red Hat Certificate System is an enterprise software system designed to
manage enterprise public key infrastructure (PKI) deployments. PKI Core
contains fundamental packages required by Red Hat Certificate System, which
comprise the Certificate Authority (CA) subsystem.
Note: The Certificate Authority component provided by this advisory cannot
be used as a standalone server. It is installed and operates as a part of
Identity Management (the IPA component) in Red Hat Enterprise Linux.
Multiple cross-site scripting flaws were discovered in Certificate System.
An attacker could use these flaws to perform a cross-site scripting (XSS)
attack against victims using Certificate System's web interface.
(CVE-2012-4543)
This update also fixes the following bugs:
* Previously, due to incorrect conversion of large integers while
generating a new serial number, some of the most significant bits in the
serial number were truncated. Consequently, the serial number generated for
certificates was sometimes smaller than expected and this incorrect
conversion in turn led to a collision if a certificate with the smaller
number already existed in the database. This update removes the incorrect
integer conversion so that no serial numbers are truncated. As a result,
the installation wizard proceeds as expected. (BZ#841663)
* The certificate authority used a different profile for issuing the audit
certificate than it used for renewing it. The issuing profile was for two
years, and the renewal was for six months. They should both be for two
years. This update sets the default and constraint parameters in the
caSignedLogCert.cfg audit certificate renewal profile to two years.
(BZ#844459)
This update also adds the following enhancements:
* IPA (Identity, Policy and Audit) now provides an improved way to
determine that PKI is up and ready to service requests. Checking the
service status was not sufficient. This update creates a mechanism for
clients to determine that the PKI subsystem is up using the getStatus()
function to query the cs.startup_state in CS.cfg. (BZ#858864)
* This update increases the default root CA validity period from eight
years to twenty years. (BZ#891985)
All users of pki-core are advised to upgrade to these updated packages,
which fix these issues and add these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated pki-core packages that fix multiple security issues, two bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Certificate System is an enterprise software system designed to\nmanage enterprise public key infrastructure (PKI) deployments. PKI Core\ncontains fundamental packages required by Red Hat Certificate System, which\ncomprise the Certificate Authority (CA) subsystem.\n\nNote: The Certificate Authority component provided by this advisory cannot\nbe used as a standalone server. It is installed and operates as a part of\nIdentity Management (the IPA component) in Red Hat Enterprise Linux.\n\nMultiple cross-site scripting flaws were discovered in Certificate System.\nAn attacker could use these flaws to perform a cross-site scripting (XSS)\nattack against victims using Certificate System\u0027s web interface.\n(CVE-2012-4543)\n\nThis update also fixes the following bugs:\n\n* Previously, due to incorrect conversion of large integers while\ngenerating a new serial number, some of the most significant bits in the\nserial number were truncated. Consequently, the serial number generated for\ncertificates was sometimes smaller than expected and this incorrect\nconversion in turn led to a collision if a certificate with the smaller\nnumber already existed in the database. This update removes the incorrect\ninteger conversion so that no serial numbers are truncated. As a result,\nthe installation wizard proceeds as expected. (BZ#841663)\n\n* The certificate authority used a different profile for issuing the audit\ncertificate than it used for renewing it. The issuing profile was for two\nyears, and the renewal was for six months. They should both be for two\nyears. This update sets the default and constraint parameters in the\ncaSignedLogCert.cfg audit certificate renewal profile to two years.\n(BZ#844459)\n\nThis update also adds the following enhancements:\n\n* IPA (Identity, Policy and Audit) now provides an improved way to\ndetermine that PKI is up and ready to service requests. Checking the\nservice status was not sufficient. This update creates a mechanism for\nclients to determine that the PKI subsystem is up using the getStatus()\nfunction to query the cs.startup_state in CS.cfg. (BZ#858864)\n\n* This update increases the default root CA validity period from eight\nyears to twenty years. (BZ#891985) \n\nAll users of pki-core are advised to upgrade to these updated packages,\nwhich fix these issues and add these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:0511",
"url": "https://access.redhat.com/errata/RHSA-2013:0511"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "858864",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858864"
},
{
"category": "external",
"summary": "864397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"category": "external",
"summary": "867640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=867640"
},
{
"category": "external",
"summary": "891985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891985"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0511.json"
}
],
"title": "Red Hat Security Advisory: pki-core security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T05:49:13+00:00",
"generator": {
"date": "2024-11-22T05:49:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:0511",
"initial_release_date": "2013-02-20T16:18:00+00:00",
"revision_history": [
{
"date": "2013-02-20T16:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-02-20T16:29:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T05:49:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"product": {
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"product_id": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-native-tools@9.0.3-30.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:9.0.3-30.el6.x86_64",
"product": {
"name": "pki-symkey-0:9.0.3-30.el6.x86_64",
"product_id": "pki-symkey-0:9.0.3-30.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@9.0.3-30.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"product": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"product_id": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@9.0.3-30.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-native-tools-0:9.0.3-30.el6.i686",
"product": {
"name": "pki-native-tools-0:9.0.3-30.el6.i686",
"product_id": "pki-native-tools-0:9.0.3-30.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-native-tools@9.0.3-30.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:9.0.3-30.el6.i686",
"product": {
"name": "pki-symkey-0:9.0.3-30.el6.i686",
"product_id": "pki-symkey-0:9.0.3-30.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@9.0.3-30.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"product": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"product_id": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@9.0.3-30.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-setup-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-setup-0:9.0.3-30.el6.noarch",
"product_id": "pki-setup-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-setup@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-selinux-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-selinux-0:9.0.3-30.el6.noarch",
"product_id": "pki-selinux-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-selinux@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-util-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-util-0:9.0.3-30.el6.noarch",
"product_id": "pki-util-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-util@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-common-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-common-0:9.0.3-30.el6.noarch",
"product_id": "pki-common-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-common@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-java-tools-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-java-tools-0:9.0.3-30.el6.noarch",
"product_id": "pki-java-tools-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-java-tools@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-ca-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-ca-0:9.0.3-30.el6.noarch",
"product_id": "pki-ca-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-ca@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-silent-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-silent-0:9.0.3-30.el6.noarch",
"product_id": "pki-silent-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-silent@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"product_id": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-java-tools-javadoc@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"product_id": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-util-javadoc@9.0.3-30.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"product": {
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"product_id": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-common-javadoc@9.0.3-30.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-core-0:9.0.3-30.el6.src",
"product": {
"name": "pki-core-0:9.0.3-30.el6.src",
"product_id": "pki-core-0:9.0.3-30.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core@9.0.3-30.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-ca-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-common-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-core-0:9.0.3-30.el6.src"
},
"product_reference": "pki-core-0:9.0.3-30.el6.src",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-setup-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-silent-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-symkey-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-util-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Client-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src"
},
"product_reference": "pki-core-0:9.0.3-30.el6.src",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6ComputeNode-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-ca-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-common-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-core-0:9.0.3-30.el6.src"
},
"product_reference": "pki-core-0:9.0.3-30.el6.src",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-setup-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-silent-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-symkey-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-util-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-ca-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-common-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-core-0:9.0.3-30.el6.src"
},
"product_reference": "pki-core-0:9.0.3-30.el6.src",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-java-tools-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-native-tools-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-native-tools-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-selinux-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-setup-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-silent-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-symkey-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-symkey-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-util-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-core-0:9.0.3-30.el6.src"
},
"product_reference": "pki-core-0:9.0.3-30.el6.src",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation-optional"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-ca-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-ca-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-common-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-common-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:9.0.3-30.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-core-0:9.0.3-30.el6.src"
},
"product_reference": "pki-core-0:9.0.3-30.el6.src",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-native-tools-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-native-tools-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-native-tools-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-selinux-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-selinux-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-selinux-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-setup-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-setup-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-setup-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-silent-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-silent-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-silent-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-symkey-0:9.0.3-30.el6.i686"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.i686",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:9.0.3-30.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64"
},
"product_reference": "pki-symkey-0:9.0.3-30.el6.x86_64",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-util-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-util-javadoc-0:9.0.3-30.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
},
"product_reference": "pki-util-javadoc-0:9.0.3-30.el6.noarch",
"relates_to_product_reference": "6Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-4543",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-10-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "864397"
}
],
"notes": [
{
"category": "description",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-core-0:9.0.3-30.el6.src",
"6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
"6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-core-0:9.0.3-30.el6.src",
"6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-ca-0:9.0.3-30.el6.noarch",
"6Server:pki-common-0:9.0.3-30.el6.noarch",
"6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-core-0:9.0.3-30.el6.src",
"6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-native-tools-0:9.0.3-30.el6.i686",
"6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Server:pki-selinux-0:9.0.3-30.el6.noarch",
"6Server:pki-setup-0:9.0.3-30.el6.noarch",
"6Server:pki-silent-0:9.0.3-30.el6.noarch",
"6Server:pki-symkey-0:9.0.3-30.el6.i686",
"6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Server:pki-util-0:9.0.3-30.el6.noarch",
"6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
"6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
"6Workstation:pki-common-0:9.0.3-30.el6.noarch",
"6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-core-0:9.0.3-30.el6.src",
"6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
"6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
"6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
"6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
"6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
"6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-util-0:9.0.3-30.el6.noarch",
"6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4543"
},
{
"category": "external",
"summary": "RHBZ#864397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4543",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
}
],
"release_date": "2012-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-20T16:18:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-core-0:9.0.3-30.el6.src",
"6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
"6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-core-0:9.0.3-30.el6.src",
"6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-ca-0:9.0.3-30.el6.noarch",
"6Server:pki-common-0:9.0.3-30.el6.noarch",
"6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-core-0:9.0.3-30.el6.src",
"6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-native-tools-0:9.0.3-30.el6.i686",
"6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Server:pki-selinux-0:9.0.3-30.el6.noarch",
"6Server:pki-setup-0:9.0.3-30.el6.noarch",
"6Server:pki-silent-0:9.0.3-30.el6.noarch",
"6Server:pki-symkey-0:9.0.3-30.el6.i686",
"6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Server:pki-util-0:9.0.3-30.el6.noarch",
"6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
"6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
"6Workstation:pki-common-0:9.0.3-30.el6.noarch",
"6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-core-0:9.0.3-30.el6.src",
"6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
"6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
"6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
"6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
"6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
"6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-util-0:9.0.3-30.el6.noarch",
"6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0511"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Client-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-core-0:9.0.3-30.el6.src",
"6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Client-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Client-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Client-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Client-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Client-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-common-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-core-0:9.0.3-30.el6.src",
"6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6ComputeNode-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6ComputeNode-optional:pki-util-0:9.0.3-30.el6.noarch",
"6ComputeNode-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-core-0:9.0.3-30.el6.src",
"6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Server-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Server-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Server-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Server-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Server-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-ca-0:9.0.3-30.el6.noarch",
"6Server:pki-common-0:9.0.3-30.el6.noarch",
"6Server:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-core-0:9.0.3-30.el6.src",
"6Server:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Server:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Server:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Server:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Server:pki-native-tools-0:9.0.3-30.el6.i686",
"6Server:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Server:pki-selinux-0:9.0.3-30.el6.noarch",
"6Server:pki-setup-0:9.0.3-30.el6.noarch",
"6Server:pki-silent-0:9.0.3-30.el6.noarch",
"6Server:pki-symkey-0:9.0.3-30.el6.i686",
"6Server:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Server:pki-util-0:9.0.3-30.el6.noarch",
"6Server:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-ca-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-common-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-core-0:9.0.3-30.el6.src",
"6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-selinux-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-setup-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-silent-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-symkey-0:9.0.3-30.el6.i686",
"6Workstation-optional:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Workstation-optional:pki-util-0:9.0.3-30.el6.noarch",
"6Workstation-optional:pki-util-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-ca-0:9.0.3-30.el6.noarch",
"6Workstation:pki-common-0:9.0.3-30.el6.noarch",
"6Workstation:pki-common-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-core-0:9.0.3-30.el6.src",
"6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.i686",
"6Workstation:pki-core-debuginfo-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-java-tools-0:9.0.3-30.el6.noarch",
"6Workstation:pki-java-tools-javadoc-0:9.0.3-30.el6.noarch",
"6Workstation:pki-native-tools-0:9.0.3-30.el6.i686",
"6Workstation:pki-native-tools-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-selinux-0:9.0.3-30.el6.noarch",
"6Workstation:pki-setup-0:9.0.3-30.el6.noarch",
"6Workstation:pki-silent-0:9.0.3-30.el6.noarch",
"6Workstation:pki-symkey-0:9.0.3-30.el6.i686",
"6Workstation:pki-symkey-0:9.0.3-30.el6.x86_64",
"6Workstation:pki-util-0:9.0.3-30.el6.noarch",
"6Workstation:pki-util-javadoc-0:9.0.3-30.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile"
}
]
}
rhsa-2012:1550
Vulnerability from csaf_redhat
Published
2012-12-06 20:22
Modified
2024-11-22 05:49
Summary
Red Hat Security Advisory: pki security update
Notes
Topic
Updated pki-common and pki-tps packages that fix multiple security issues
are now available for Red Hat Certificate System 8.1.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Red Hat Certificate System (RHCS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.
Multiple cross-site scripting flaws were discovered in the Red Hat
Certificate System. An attacker could use these flaws to perform a
cross-site scripting (XSS) attack against victims using Certificate
System's web interface. (CVE-2012-4543)
Multiple denial of service flaws were found in the Red Hat Certificate
System token processing. A Certificate System user could use these flaws
to crash the Apache httpd web server child process, possibly interrupting
the processing of other users' requests. (CVE-2012-4555, CVE-2012-4556)
Red Hat would like to thank Patrick Raspante and Ryan Millay of GDC4S for
reporting the CVE-2012-4555 and CVE-2012-4556 issues.
All users of Red Hat Certificate System are advised to upgrade to these
updated packages, which correct these issues. After installing this update,
all Red Hat Certificate System subsystems must be restarted ("/etc/init.d
/[instance-name] restart") for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated pki-common and pki-tps packages that fix multiple security issues\nare now available for Red Hat Certificate System 8.1.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Certificate System (RHCS) is an enterprise software system designed\nto manage enterprise Public Key Infrastructure (PKI) deployments.\n\nMultiple cross-site scripting flaws were discovered in the Red Hat\nCertificate System. An attacker could use these flaws to perform a\ncross-site scripting (XSS) attack against victims using Certificate\nSystem\u0027s web interface. (CVE-2012-4543)\n\nMultiple denial of service flaws were found in the Red Hat Certificate\nSystem token processing. A Certificate System user could use these flaws\nto crash the Apache httpd web server child process, possibly interrupting\nthe processing of other users\u0027 requests. (CVE-2012-4555, CVE-2012-4556)\n\nRed Hat would like to thank Patrick Raspante and Ryan Millay of GDC4S for\nreporting the CVE-2012-4555 and CVE-2012-4556 issues.\n\nAll users of Red Hat Certificate System are advised to upgrade to these\nupdated packages, which correct these issues. After installing this update,\nall Red Hat Certificate System subsystems must be restarted (\"/etc/init.d\n/[instance-name] restart\") for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2012:1550",
"url": "https://access.redhat.com/errata/RHSA-2012:1550"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "864397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"category": "external",
"summary": "869570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=869570"
},
{
"category": "external",
"summary": "869579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=869579"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1550.json"
}
],
"title": "Red Hat Security Advisory: pki security update",
"tracking": {
"current_release_date": "2024-11-22T05:49:10+00:00",
"generator": {
"date": "2024-11-22T05:49:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2012:1550",
"initial_release_date": "2012-12-06T20:22:00+00:00",
"revision_history": [
{
"date": "2012-12-06T20:22:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2012-12-06T20:31:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T05:49:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Certificate System 8",
"product": {
"name": "Red Hat Certificate System 8",
"product_id": "5Server-RHCertSystem",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:certificate_system:8::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Certificate System"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"product": {
"name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"product_id": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-common-javadoc@8.1.3-2.el5pki?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-common-0:8.1.3-2.el5pki.noarch",
"product": {
"name": "pki-common-0:8.1.3-2.el5pki.noarch",
"product_id": "pki-common-0:8.1.3-2.el5pki.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-common@8.1.3-2.el5pki?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-common-0:8.1.3-2.el5pki.src",
"product": {
"name": "pki-common-0:8.1.3-2.el5pki.src",
"product_id": "pki-common-0:8.1.3-2.el5pki.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-common@8.1.3-2.el5pki?arch=src"
}
}
},
{
"category": "product_version",
"name": "pki-tps-0:8.1.3-2.el5pki.src",
"product": {
"name": "pki-tps-0:8.1.3-2.el5pki.src",
"product_id": "pki-tps-0:8.1.3-2.el5pki.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-tps-0:8.1.3-2.el5pki.i386",
"product": {
"name": "pki-tps-0:8.1.3-2.el5pki.i386",
"product_id": "pki-tps-0:8.1.3-2.el5pki.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-tps-0:8.1.3-2.el5pki.x86_64",
"product": {
"name": "pki-tps-0:8.1.3-2.el5pki.x86_64",
"product_id": "pki-tps-0:8.1.3-2.el5pki.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tps@8.1.3-2.el5pki?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:8.1.3-2.el5pki.noarch as a component of Red Hat Certificate System 8",
"product_id": "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch"
},
"product_reference": "pki-common-0:8.1.3-2.el5pki.noarch",
"relates_to_product_reference": "5Server-RHCertSystem"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-0:8.1.3-2.el5pki.src as a component of Red Hat Certificate System 8",
"product_id": "5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src"
},
"product_reference": "pki-common-0:8.1.3-2.el5pki.src",
"relates_to_product_reference": "5Server-RHCertSystem"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch as a component of Red Hat Certificate System 8",
"product_id": "5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch"
},
"product_reference": "pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"relates_to_product_reference": "5Server-RHCertSystem"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tps-0:8.1.3-2.el5pki.i386 as a component of Red Hat Certificate System 8",
"product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386"
},
"product_reference": "pki-tps-0:8.1.3-2.el5pki.i386",
"relates_to_product_reference": "5Server-RHCertSystem"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tps-0:8.1.3-2.el5pki.src as a component of Red Hat Certificate System 8",
"product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src"
},
"product_reference": "pki-tps-0:8.1.3-2.el5pki.src",
"relates_to_product_reference": "5Server-RHCertSystem"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tps-0:8.1.3-2.el5pki.x86_64 as a component of Red Hat Certificate System 8",
"product_id": "5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
},
"product_reference": "pki-tps-0:8.1.3-2.el5pki.x86_64",
"relates_to_product_reference": "5Server-RHCertSystem"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-4543",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-10-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "864397"
}
],
"notes": [
{
"category": "description",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4543"
},
{
"category": "external",
"summary": "RHBZ#864397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4543",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
}
],
"release_date": "2012-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-06T20:22:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1550"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "System: Multiple cross-site scripting flaws by displaying CRL or processing profile"
},
{
"acknowledgments": [
{
"names": [
"Patrick Raspante"
]
},
{
"names": [
"Ryan Millay"
],
"organization": "GDC4S"
}
],
"cve": "CVE-2012-4555",
"discovery_date": "2012-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "869570"
}
],
"notes": [
{
"category": "description",
"text": "The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-tps: Temporary denial of service on interrupted token format operations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4555"
},
{
"category": "external",
"summary": "RHBZ#869570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=869570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4555",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4555"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4555",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4555"
}
],
"release_date": "2012-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-06T20:22:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1550"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-tps: Temporary denial of service on interrupted token format operations"
},
{
"acknowledgments": [
{
"names": [
"Patrick Raspante"
]
},
{
"names": [
"Ryan Millay"
],
"organization": "GDC4S"
}
],
"cve": "CVE-2012-4556",
"discovery_date": "2012-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "869579"
}
],
"notes": [
{
"category": "description",
"text": "The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-tps: Connection reset when performing empty certificate search in TPS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4556"
},
{
"category": "external",
"summary": "RHBZ#869579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=869579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4556",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4556"
}
],
"release_date": "2012-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-06T20:22:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1550"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-common-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-common-javadoc-0:8.1.3-2.el5pki.noarch",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.i386",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.src",
"5Server-RHCertSystem:pki-tps-0:8.1.3-2.el5pki.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-tps: Connection reset when performing empty certificate search in TPS"
}
]
}
ghsa-3rg2-g53j-xh7w
Vulnerability from github
Published
2022-05-17 05:14
Modified
2022-05-17 05:14
VLAI Severity ?
Details
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.
{
"affected": [],
"aliases": [
"CVE-2012-4543"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-01-04T22:55:00Z",
"severity": "MODERATE"
},
"details": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
"id": "GHSA-3rg2-g53j-xh7w",
"modified": "2022-05-17T05:14:01Z",
"published": "2022-05-17T05:14:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4543"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/51482"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/56843"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1027846"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2012-4543
Vulnerability from fkie_nvd
Published
2013-01-04 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1550.html | Vendor Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-0511.html | ||
| secalert@redhat.com | http://secunia.com/advisories/51482 | Vendor Advisory | |
| secalert@redhat.com | http://www.securityfocus.com/bid/56843 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1027846 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=864397 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1550.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-0511.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51482 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/56843 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027846 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=864397 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | certificate_system | * | |
| redhat | certificate_system | 7.1 | |
| redhat | certificate_system | 7.2 | |
| redhat | certificate_system | 7.3 | |
| redhat | certificate_system | 8 | |
| redhat | certificate_system | 8.0 | |
| redhat | certificate_system | 8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AAB4016-809B-4BF9-875C-18B261050AA9",
"versionEndIncluding": "8.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A94B7103-11B7-4B1E-AE02-86210F9CCCAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27FE079E-FB15-443C-BE2E-1D4C940BB8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2654E6A-190C-4D5C-ABC0-89011DD8E293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*",
"matchCriteriaId": "C2EF75FF-FCDB-433C-A7B9-4DBAABAC6643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "969F1FDC-EB66-4758-B619-C48CA1E5B1AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25F5AA3E-5776-4B66-A2B7-78A95C37581A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Red Hat Certificate System (RHCS) anteriores a v8.1.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de(1) pageStart o (2) pageSize sobre el script displayCRL, o (3) variable nonce sobre sobre el script profileProcess."
}
],
"id": "CVE-2012-4543",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-01-04T22:55:01.930",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51482"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/56843"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027846"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2012-4543
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2012-4543",
"description": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
"id": "GSD-2012-4543",
"references": [
"https://access.redhat.com/errata/RHSA-2013:0511",
"https://access.redhat.com/errata/RHSA-2012:1550",
"https://linux.oracle.com/cve/CVE-2012-4543.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2012-4543"
],
"details": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.",
"id": "GSD-2012-4543",
"modified": "2023-12-13T01:20:14.912139Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=864397",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"name": "1027846",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027846"
},
{
"name": "RHSA-2012:1550",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"name": "51482",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51482"
},
{
"name": "56843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56843"
},
{
"name": "RHSA-2013:0511",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4543"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:1550",
"refsource": "REDHAT",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1550.html"
},
{
"name": "1027846",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1027846"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=864397",
"refsource": "MISC",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=864397"
},
{
"name": "51482",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/51482"
},
{
"name": "56843",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/56843"
},
{
"name": "RHSA-2013:0511",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0511.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2013-03-08T04:09Z",
"publishedDate": "2013-01-04T22:55Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…