CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

NVD•added 2013/04/02 10:55 p.m.•18 views

CVE-2012-6119

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests...

2.1CVSS6.1AI score0.00057EPSS

Exploits0References6

Prion•added 2013/04/02 10:55 p.m.•15 views

Code injection

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests...

2.1CVSS6.6AI score0.00057EPSS

Exploits0References6Affected Software2

CVE•added 2013/04/02 10:0 p.m.•54 views

CVE-2012-6119

CVE-2012-6119 concerns Candlepin before 0.7.24 used in Red Hat Subscription Asset Manager before 1.2.1, where manifest signatures were not properly checked, allowing local users to modify manifests. The related VERACODE entries confirm this and tie remediation to the Red Hat 1.2.1 update (RHSA-20...

2.1CVSS6.3AI score0.00057EPSS

Exploits0References6Affected Software2

RedHat Linux•added 2013/03/26 7:10 p.m.•1 views

Candlepin: Re-enable manifest signature checking

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests...

2.1CVSS5.8AI score0.00057EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by