Lucene search

PRIOn knowledge basePRION:CVE-2012-2203

HistoryAug 08, 2012 - 10:26 a.m.

Format string

2012-08-0810:26:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.7%

JSON

IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via vectors involving insertion of an arbitrary root Certification Authority (CA) certificate.

CPENameOperatorVersion
global_security_kitle8.0.13
global_security_kiteq7.0.4.29
global_security_kiteq7.0.4.28

Name	Operator	Version
global_security_kit	le	8.0.13
global_security_kit	eq	7.0.4.29
global_security_kit	eq	7.0.4.28

References

secunia.com/advisories/51279

www-01.ibm.com/support/docview.wss?uid=swg1IV31973

www-01.ibm.com/support/docview.wss?uid=swg1IV31975

www-01.ibm.com/support/docview.wss?uid=swg21606145

www.securityfocus.com/bid/54743

exchange.xforce.ibmcloud.com/vulnerabilities/77280

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for PRION:CVE-2012-2203