Lucene search
+L

6 matches found

Cvelist
Cvelist
added 2026/06/22 3:43 p.m.33 views

CVE-2026-12249 Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...

9.5CVSS0.00111EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:43 p.m.4 views

CVE-2026-12249

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...

9.5CVSS6AI score0.00111EPSS
Exploits0References3Affected Software5
CVE
CVE
added 2026/06/22 3:43 p.m.27 views

CVE-2026-12249

Canonical ADSys upstream versions up to v0.16.2 expose a flaw in AD CS auto-enrollment where the vendored Samba client uses plaintext HTTP (GETCACert) to fetch the CA certificate, enabling a network attacker in a MITM position to supply an attacker-controlled Root CA. This leads to automatic enro...

9.5CVSS6AI score0.00111EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 11:16 a.m.9 views

ALPINE-CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

6.8CVSS5.8AI score0.00261EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/27 10:2 a.m.14 views

CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.8AI score0.00261EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2026/05/27 9:26 a.m.14 views

CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.8AI score0.00261EPSS
Exploits0References4
Rows per page
Query Builder