CVE-2012-6119 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2012-6119

Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.

Published: Apr 3, 2013
Updated: Apr 13, 2023
CVE: CVE-2012-6119
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
redhat / subscription_asset_manager	1.1.0	1.1.0.x
redhat / subscription_asset_manager	1.0.0	1.0.0.x
candlepinproject / candlepin	0.4.11	0.4.11.x
redhat / subscription_asset_manager	-	1.2.0.x
candlepinproject / candlepin	0.6.3	0.6.3.x
candlepinproject / candlepin	-	0.7.2.x
candlepinproject / candlepin	0.4.27	0.4.27.x
candlepinproject / candlepin	0.5.5	0.5.5.x
candlepinproject / candlepin	0.4.5	0.4.5.x