rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle malicious users to obtain sensitive information such as user credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat enterprise linux 5 |
||
redhat enterprise linux server aus 6.4 |
||
redhat enterprise linux server eus 6.4.z |
||
redhat enterprise linux long life 5.9 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux eus 5.9.z |
||
redhat enterprise linux hpc node 6 |
||
redhat enterprise linux desktop 5.0 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux workstation 6.0 |