← Back

CVE-2012-6137

nvd nist
Published: May 21, 2013Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.

Affected (10)

Redhat
9 products
Enterprise Linux
Enterprise Linux Desktop
Enterprise Linux Eus
Enterprise Linux Hpc Node
Enterprise Linux Long Life
Enterprise Linux Server
Enterprise Linux Server Aus
Enterprise Linux Server Eus
Enterprise Linux Workstation
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux
Version 5
Redhat
Enterprise Linux Desktop
Version 5.0
Enterprise Linux Desktop
Version 6.0
Enterprise Linux Eus
Version 5.9.z
Enterprise Linux Hpc Node
Version 6
Enterprise Linux Long Life
Version 5.9
Enterprise Linux Server
Version 6.0
Enterprise Linux Server Aus
Version 6.4
Enterprise Linux Server Eus
Version 6.4.z
Enterprise Linux Workstation
Version 6.0

Related CWEs

CWE-255
CWE-255

References (14)

Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.