CVE-2010-3868

Red Hat Certificate System - Authentication Bypass

Description

Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System do not require authentication for requests to decrypt SCEP one-time PINs, which allows remote attackers to obtain PINs by sniffing the network for SCEP requests and then sending decryption requests to the Certificate Authority component.

Scores

EPSS 0.0028
EPSS Percentile 50.9%

Classification

CWE
CWE-287
Status draft

Affected Products (3)

redhat/certificate_system
redhat/certificate_system
redhat/dogtag_certificate_system

Timeline

Published Nov 17, 2010
Tracked Since Feb 18, 2026