CVE-2012-2549

Name of the Vulnerable Software and Affected Versions Windows Server versions 2008 R2 through 2012

Description The issue arises from the IP-HTTPS server's failure to properly validate certificates. This allows remote attackers to bypass intended access restrictions by using a revoked certificate.

Recommendations For Windows Server 2008 R2 and R2 SP1, update the certificate validation mechanism to properly check for revoked certificates. For Windows Server 2012, ensure that the IP-HTTPS server is configured to validate certificates correctly, preventing the use of revoked certificates.