Red Hat Subscription Manager CVE-2012-6137 SSL Certificate Validation Security Bypass Vulnerability

Red Hat Subscription Manager is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from the server.

An attacker can exploit this issue to perform man-in-the-middle attacks to obtain the user's Red Hat Network credentials, which will aid in further attacks.


Privacy Statement
Copyright 2010, SecurityFocus