CVE-2012-4556

CWE-20 โ€” Improper Input Validation7 documents5 sources
Severity
4.0MEDIUM
EPSS
0.4%
top 40.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Certificate System
Timeline
PublishedJan 4
Latest updateMay 17

Description

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

โ–ถNVDredhat/certificate_system8.1.1+5

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-fw6f-r68r-6fjx: The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8โ†—2022-05-17
โ–ถ
CVEList
CVE-2012-4556: The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8โ†—2013-01-04
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Red Hat
pki-tps: Connection reset when performing empty certificate search in TPSโ†—2012-12-06
โ–ถ

๐Ÿ’ฌCommunity

3
Bugzilla
CVE-2012-4556 pki-tps: Connection reset when performing empty certificate search in TPS [epel-5]โ†—2012-12-06
โ–ถ
Bugzilla
CVE-2012-4555 CVE-2012-4556 pki-tps various flaws [fedora-all]โ†—2012-12-06
โ–ถ
Bugzilla
CVE-2012-4556 pki-tps: Connection reset when performing empty certificate search in TPSโ†—2012-10-24
โ–ถ
CVE-2012-4556 (MEDIUM CVSS 4) | The token processing system (pki-tp | cvebase.io