CVE-2012-3367

Name of the Vulnerable Software and Affected Versions Red Hat Certificate System (RHCS) versions prior to 8.1.1 Dogtag Certificate System (affected versions not specified)

Description The issue concerns the improper checking of certificate revocation requests made through the web interface. This allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.

Recommendations For Red Hat Certificate System (RHCS) versions prior to 8.1.1, update to version 8.1.1 or later to resolve the issue. For Dogtag Certificate System, at the moment, there is no information about a newer version that contains a fix for this vulnerability.