Vulnerabilities > Redhat > Subscription Asset Manager > 1.2.0

DATE CVE VULNERABILITY TITLE RISK
2013-04-02 CVE-2012-6119 Permissions, Privileges, and Access Controls vulnerability in multiple products
Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.
local
low complexity
candlepinproject redhat CWE-264
2.1
2.1