Vulnerability Details: CVE-2012-5484
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
Exploit prediction scoring system (EPSS) score for CVE-2012-5484
Probability of exploitation activity in the next 30 days: 0.08%
Percentile, the proportion of vulnerabilities that are scored at or below this one: ~33%
CVSS scores for CVE-2012-5484
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.9 | HIGH | AV:A/AC:M/Au:N/C:C/I:C/A:C | 5.5 | 10.0 | NIST |
CWE ids for CVE-2012-5484
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5484
- http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=91f4af7e6af53e1c6bf17ed36cb2161863eddae4
  Overview - freeipa - Pagure.io
- http://rhn.redhat.com/errata/RHSA-2013-0188.html
  RHSA-2013:0188 - Security Advisory - Red Hat Customer Portal
- http://rhn.redhat.com/errata/RHSA-2013-0189.html
  RHSA-2013:0189 - Security Advisory - Red Hat Customer Portal
- http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f
  Overview - freeipa - Pagure.io
- http://www.freeipa.org/page/CVE-2012-5484
  CVE-2012-5484 - FreeIPA (Vendor Advisory)
- http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a40285c5a0288669b72f9d991508d4405885bffc
  Overview - freeipa - Pagure.io
- http://www.freeipa.org/page/Releases/3.1.2
  Releases/3.1.2 - FreeIPA
- http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a1991aeac19c3fec1fdd0d184c6760c90c9f9fc9
  Overview - freeipa - Pagure.io
- http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=31e41eea6c2322689826e6065ceba82551c565aa
  Overview - freeipa - Pagure.io
Products affected by CVE-2012-5484
- cpe:2.3:a:redhat:freeipa:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.0:*:*:*:*:*:*:*