Lucene search
PRIOn knowledge basePRION:CVE-2012-6116HistoryMar 01, 2013 - 5:40 a.m.
Code injection
2013-03-0105:40:00
PRIOn knowledge base
www.prio-n.com
2
6.6 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.4%
modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions (666) for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| katello-configure | eq | <= 1.3.2-pulpv2 |
Related
cve
cve
CVE-2012-6116
2013-03-01 05:40:00
veracode
veracode
Authorization Bypass
2019-01-15 09:00:49
Arbitrary Code Execution
2019-05-02 04:44:25
Input Validation Bypass
2019-05-02 04:44:16
redhat
redhat
(RHSA-2013:0686) Moderate: Subscription Asset Manager 1.2.1 update
2013-03-26 00:00:00
nessus
nessus
RHEL 6 : Subscription Asset Manager (RHSA-2013:0686)
2013-04-10 00:00:00
6.6 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.4%
Related for PRION:CVE-2012-6116