CVE-2012-6119

Published: Apr 2, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

52774

third-party-advisory

x_refsource_SECUNIA

91719

vdb-entry

x_refsource_OSVDB

https://bugzilla.redhat.com/show_bug.cgi?id=908613

x_refsource_MISC

https://github.com/candlepin/candlepin/blob/master/candlepin.spec

x_refsource_CONFIRM

RHSA-2013:0686

vendor-advisory

x_refsource_REDHAT

https://github.com/candlepin/candlepin/commit/f4d93230e58b969c506b4c9778e04482a059b08c

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-6119

Description

Affected Products

References