Skip to main content

Certificate System

10 CVEs product

Monthly

CVE-2022-2393 MEDIUM This Month

A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Pki Core Certificate System Enterprise Linux
NVD
CVSS 3.1
5.7
EPSS
0.2%
CVE-2021-20179 HIGH PATCH This Week

A flaw was found in pki-core. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Dogtagpki Certificate System Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2020-1696 MEDIUM This Month

A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service (TPS) where it did not properly sanitize Profile IDs, enabling a Stored Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Certificate System Dogtagpki
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2013-1886 HIGH This Week

Format string vulnerability in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service RCE Certificate System Dogtag Certificate System
NVD
CVSS 2.0
7.5
EPSS
1.7%
CVE-2013-1885 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System Dogtag Certificate System
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-4556 MEDIUM This Month

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Apache Certificate System
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2012-4555 MEDIUM This Month

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Apache Certificate System
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2012-4543 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-3367 MEDIUM POC This Month

Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Red Hat Information Disclosure Certificate System Dogtag Certificate System
NVD
CVSS 2.0
5.5
EPSS
0.4%
CVE-2012-2662 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System Dogtag Certificate System
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 0% CVSS 5.7
MEDIUM This Month

A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Pki Core Certificate System +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

A flaw was found in pki-core. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Dogtagpki Certificate System +2
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM This Month

A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service (TPS) where it did not properly sanitize Profile IDs, enabling a Stored Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Certificate System Dogtagpki
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Format string vulnerability in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service RCE +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Apache +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Denial Of Service Apache +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Red Hat Information Disclosure Certificate System +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy