Unrated severityNVD Advisory· Published Jan 27, 2013· Updated Apr 29, 2026
CVE-2012-5484
CVE-2012-5484
Description
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
Affected products
11cpe:2.3:a:redhat:freeipa:2.0.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:redhat:freeipa:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:freeipa:3.1.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.freeipa.org/page/CVE-2012-5484nvdVendor Advisory
- git.fedorahosted.org/cgit/freeipa.git/commit/nvd
- git.fedorahosted.org/cgit/freeipa.git/commit/nvd
- git.fedorahosted.org/cgit/freeipa.git/commit/nvd
- git.fedorahosted.org/cgit/freeipa.git/commit/nvd
- git.fedorahosted.org/cgit/freeipa.git/commit/nvd
- rhn.redhat.com/errata/RHSA-2013-0188.htmlnvd
- rhn.redhat.com/errata/RHSA-2013-0189.htmlnvd
- www.freeipa.org/page/Releases/3.1.2nvd
News mentions
0No linked articles in our index yet.