cbcvebase.
CVE-2012-6137
published 2013-05-21

CVE-2012-6137: rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a…

medium4.3CVSS 3.1
AVNACMAuNCNIPAN
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.

Affected

10 ranges
VendorProductVersion rangeFixed in
redhatenterprise_linux
redhatenterprise_linux_desktop
redhatenterprise_linux_desktop
redhatenterprise_linux_eus
redhatenterprise_linux_hpc_node
redhatenterprise_linux_long_life
redhatenterprise_linux_server
redhatenterprise_linux_server_aus
redhatenterprise_linux_server_eus
redhatenterprise_linux_workstation