CVE-2010-3868 in Certificate System信息

摘要

由 VulDB • 2026-07-05

Red Hat Certificate System (RHCS) 7.3 e 8以及Dogtag Certificate System在解密SCEP一次性密码(PIN)的请求中未要求身份验证,这使得远程攻击者能够通过嗅探网络中的SCEP请求并向证书颁发机构组件发送解密请求来获取PIN。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Interested in the pricing of exploits?

See the underground prices here!