Vulnerability Description
Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Certificate System | 7.3 |
| Redhat | Dogtag Certificate System | All versions |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/42181Vendor Advisory
- http://securitytracker.com/id?1024697
- http://www.osvdb.org/69148
- https://bugzilla.redhat.com/show_bug.cgi?id=648883
- https://fedorahosted.org/pki/changeset/1246Patch
- https://rhn.redhat.com/errata/RHSA-2010-0837.htmlVendor Advisory
- https://rhn.redhat.com/errata/RHSA-2010-0838.htmlVendor Advisory
- http://secunia.com/advisories/42181Vendor Advisory
- http://securitytracker.com/id?1024697
- http://www.osvdb.org/69148
- https://bugzilla.redhat.com/show_bug.cgi?id=648883
- https://fedorahosted.org/pki/changeset/1246Patch
- https://rhn.redhat.com/errata/RHSA-2010-0837.htmlVendor Advisory
- https://rhn.redhat.com/errata/RHSA-2010-0838.htmlVendor Advisory
FAQ
What is CVE-2010-3869?
CVE-2010-3869 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN.
How severe is CVE-2010-3869?
CVE-2010-3869 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3869?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Certificate System, Redhat Dogtag Certificate System.