CVE-2010-3869

medium

Description

Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN.

References

https://rhn.redhat.com/errata/RHSA-2010-0838.html

https://rhn.redhat.com/errata/RHSA-2010-0837.html

https://fedorahosted.org/pki/changeset/1246

https://bugzilla.redhat.com/show_bug.cgi?id=648883

http://www.osvdb.org/69148

http://securitytracker.com/id?1024697

http://secunia.com/advisories/42181

Details

Source: Mitre, NVD

Published: 2010-11-17

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N