Lucene search

[email protected]CVE-2007-4994

HistoryNov 06, 2007 - 9:46 p.m.

CVE-2007-4994

2007-11-0621:46:00

CWE-255

[email protected]

web.nvd.nist.gov

cve-2007-4994

certificate server

red hat certificate system

rhcs

crl

revocations

security vulnerability

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.3%

JSON

Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL.

Affected configurations

NVD

Node

redhatcertificate_serverMatch7.2

CPENameOperatorVersion
redhat:certificate_serverredhat certificate servereq7.2

CPE	Name	Operator	Version
redhat:certificate_server	redhat certificate server	eq	7.2

References

osvdb.org/40440

secunia.com/advisories/27557

www.redhat.com/support/errata/RHSA-2007-0934.html

www.securityfocus.com/bid/26377

www.securitytracker.com/id?1020532

www.vupen.com/english/advisories/2007/3405

www.vupen.com/english/advisories/2007/3406

rhn.redhat.com/errata/RHSA-2008-0566.html

6.5 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.3%

JSON

Related for CVE-2007-4994

prion1 cvelist1 nvd1