Vulnerability Description
Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Certificate System | 7.1 |
| Netscape | Certificate Management System | <= 6.2 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2008-0500.html (Patch)
- http://rhn.redhat.com/errata/RHSA-2008-0577.html (Patch)
- http://secunia.com/advisories/30929
- http://www.securityfocus.com/bid/30062
- http://www.securitytracker.com/id?1020427
- https://bugzilla.redhat.com/show_bug.cgi?id=445227
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43573
FAQ
What is CVE-2008-1676?
CVE-2008-1676 is a vulnerability with a CVSS score of 7.5 (HIGH). Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certifica...
How severe is CVE-2008-1676?
CVE-2008-1676 has been rated HIGH with a CVSS base score of 7.5/10.
Is there a patch for CVE-2008-1676?
Check the references section above for vendor advisories and patch information. Affected products include: Red Hat Certificate System, Netscape Certificate Management System.