CVE-2012-3503

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 21-08-2012 02:00

Last modified: - 21-08-2012 02:00

Total changes: - 8

Description

CVE-2012-3503 Katello: Application.config.secret_token is not generated properly

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

5.0

Base score

Exploitability score

Impact score

Verification logic

AND

product=katello-0 AND versionEndExcluding=0.1.320-1.el6cf

vendor=cloudforms_systemengine AND product=1 AND version=

AND

product=katello-0 AND versionEndExcluding=0.3.4-1.el6_2

vendor=rhel_sam AND product=1.1 AND version=

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=849210
https://access.redhat.com/errata/RHSA-2012:1186
https://access.redhat.com/errata/RHSA-2012:1187

Keywords

CVE-2012-3503

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

REDHAT

CVE-2012-3503

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures