rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-05-21T18:00:00
Updated: 2024-08-06T21:28:39.385Z
Reserved: 2012-12-06T00:00:00
Link: CVE-2012-6137
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-05-21T18:55:01.653
Modified: 2017-08-29T01:32:54.933
Link: CVE-2012-6137
Redhat