PT-2012-4167 · Red Hat+1 · Dogtag Certificate System+3

Published

2012-08-13

Updated

2023-02-13

CVE-2012-2662

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Red Hat Certificate System versions prior to 8.1.1 Dogtag Certificate System (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages.

Recommendations For Red Hat Certificate System versions prior to 8.1.1, update to version 8.1.1 or later. For Dogtag Certificate System, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CESA-2015_1347

CVE-2012-2662

RHSA-2012:1103

RHSA-2015:1347

RHSA-2015_1347

Affected Products

Centos

Dogtag Certificate System

Red Hat

Red Hat Certificate System

PT-2012-4167 · Red Hat+1 · Dogtag Certificate System+3

CVE-2012-2662

Weakness Enumeration

Related Identifiers

Affected Products

References · 17