2 matches found
CVE-2010-3868
Red Hat Certificate System RHCS 7.3 and 8 and Dogtag Certificate System do not require authentication for requests to decrypt SCEP one-time PINs, which allows remote attackers to obtain PINs by sniffing the network for SCEP requests and then sending decryption requests to the Certificate Authorit...
CVE-2010-3868
CVE-2010-3868 affects Red Hat Certificate System (RHCS) 7.3/8 and Dogtag Certificate System: unauthenticated decryption of SCEP one-time PINs in SCEP requests allows remote attackers who sniff the network to obtain PINs. Red Hat/RHSA advisories (0837/0838) fix this by restricting decryption to au...