Red Hat · Red Hat Certificate System · CVE-2009-0588
**Name of the Vulnerable Software and Affected Versions**
Red Hat Certificate System versions 7.3
**Description**
The issue affects the Registration Authority (RA) component in Red Hat Certificate System, where the `agent/request/op.cgi` component allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified `request ID` field.
**Recommendations**
For Red Hat Certificate System version 7.3, consider restricting access to the `agent/request/op.cgi` component to prevent unauthorized approval of certificate requests. As a temporary workaround, limit the ability to modify the `request ID` field to authorized personnel only.