CVE-2013-7450

Pulp before 2.3.0 uses the same the same certificate authority key and certificate for all installations.
References
Link Resource
https://github.com/pulp/pulp/pull/627 Issue Tracking Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1328345 Issue Tracking Patch
https://bugzilla.redhat.com/show_bug.cgi?id=1003326 Issue Tracking Patch
http://www.openwall.com/lists/oss-security/2016/05/20/1 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/04/18/5 Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/04/18/11 Mailing List Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:pulpproject:pulp:*:*:*:*:*:*:*:*

Information

Published : 2017-04-03 08:59

Updated : 2017-04-26 06:22


NVD link : CVE-2013-7450

Mitre link : CVE-2013-7450


JSON object : View

CWE
CWE-295

Improper Certificate Validation

Advertisement

dedicated server usa

Products Affected

pulpproject

  • pulp