CVE-2012-4543
Description
Multiple XSS in Red Hat Certificate System before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via displayCRL and profileProcess scripts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Multiple cross-site scripting (XSS) vulnerabilities exist in Red Hat Certificate System (RHCS) before version 8.1.3. The flaws are in the displayCRL script (via the pageStart and pageSize parameters) and the profileProcess script (via the nonce variable). These issues affect the pki-common and pki-core packages as shipped with Red Hat Enterprise Linux 6 and Red Hat Certificate System 8.1 [1][2][3].
Exploitation
An attacker can exploit these vulnerabilities by crafting a malicious URL containing injected JavaScript in the pageStart, pageSize, or nonce parameters. The victim must be authenticated to the Certificate System's web interface and visit the crafted URL. No additional privileges are required; the attack is performed remotely via the web interface [1][2][3].
Impact
Successful exploitation allows the attacker to execute arbitrary HTML and script in the victim's browser within the security context of the Certificate System. This can lead to session hijacking, data theft, or unauthorized actions performed on behalf of the victim, compromising the confidentiality and integrity of interactions with the Certificate Authority [1][2][3].
Mitigation
Fixed versions are available in Red Hat Certificate System 8.1.3. Patches are provided via RHSA-2012:1550 (for pki-common and pki-tps) and RHSA-2013:0511 (for pki-core). All Certificate System subsystems must be restarted after applying the update. No known workarounds are documented, and administrative access to the web interface should be restricted where possible [1][2][3].
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
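As an added illustration, not code from Red Hat Certificate System or from the advisories: a Python model of the reflected-parameter defect in displayCRL and profileProcess beside its hardened form, plus a defender-side check that flags requests to those two scripts whose pageStart/pageSize are not plain integers or whose nonce carries markup. The URL path prefixes and sample requests are constructed for the example.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Vulnerable pattern (a model of the defect class, not Red Hat's code): request
# parameters are reflected into the page verbatim, so markup in pageStart lands
# in the HTML as markup.
def render_crl_page_unsafe(params):
    page_start = params.get("pageStart", ["0"])[0]
    page_size = params.get("pageSize", ["50"])[0]
    return f"<p>CRL entries from {page_start}, {page_size} per page</p>"

# Hardened form: pageStart/pageSize are integers by contract, so anything that
# is not a bounded integer is rejected outright; no escaping is needed for them.
def render_crl_page_safe(params):
    def bounded_int(name, default, lo, hi):
        raw = params.get(name, [str(default)])[0]
        if not re.fullmatch(r"\d{1,9}", raw) or not lo <= int(raw) <= hi:
            raise ValueError(f"{name} must be an integer in [{lo}, {hi}]")
        return int(raw)
    page_start = bounded_int("pageStart", 0, 0, 10_000_000)
    page_size = bounded_int("pageSize", 50, 1, 1000)
    return f"<p>CRL entries from {page_start}, {page_size} per page</p>"

# The nonce is free-form text, so it is HTML-escaped (quotes included, since it
# sits inside an attribute value) before being reflected.
def render_nonce_safe(nonce):
    return f'<input type="hidden" name="nonce" value="{html.escape(nonce, quote=True)}">'

# Defender-side check over request URLs (e.g. from access logs): flag requests
# to the two affected scripts whose pageStart/pageSize are not plain integers or
# whose nonce carries markup characters. parse_qs decodes %3C-style encoding.
MARKUP = re.compile(r"[<>\"']")

def suspicious_request(url):
    parts = urlsplit(url)
    if not parts.path.endswith(("displayCRL", "profileProcess")):
        return False
    q = parse_qs(parts.query, keep_blank_values=True)
    if any(not v.isdigit() for n in ("pageStart", "pageSize") for v in q.get(n, [])):
        return True
    return any(MARKUP.search(v) for v in q.get("nonce", []))

# Constructed sample request URLs (the /ca/ee/ca path prefix is illustrative).
SAMPLE_URLS = [
    "/ca/ee/ca/displayCRL?pageStart=0&pageSize=50",
    "/ca/ee/ca/displayCRL?pageStart=%3Cscript%3E&pageSize=50",
    "/ca/ee/ca/profileProcess?nonce=abc123",
    "/ca/ee/ca/profileProcess?nonce=%22%3E%3Cscript%3E",
]

def flagged(urls=SAMPLE_URLS):
    return [u for u in urls if suspicious_request(u)]
```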
Affected products
- cpe:2.3:a:redhat:certificate_system:*:*:*:*:*:*:*:* (range: <=8.1.1)
- cpe:2.3:a:redhat:certificate_system:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:7.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:8:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:certificate_system:8.1:*:*:*:*:*:*:*
- (no CPE) range: <8.1.3
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.