Headline
RHSA-2022:7086: Red Hat Security Advisory: pki-core security update
An update for pki-core is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2393: pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-10-24
Updated:
2022-10-24
RHSA-2022:7086 - Security Advisory
- Overview
- Updated Packages
Synopsis
Moderate: pki-core security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
- pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field (CVE-2022-2393)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2101046 - CVE-2022-2393 pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field
Red Hat Enterprise Linux Server 7
SRPM
pki-core-10.5.18-23.el7_9.src.rpm
SHA-256: 7b319343ff8a26ad4c293464963140f8e853417291155cab46b31f6674b25721
x86_64
pki-base-10.5.18-23.el7_9.noarch.rpm
SHA-256: 2c523e2a6d3d275aaa4cf7f9ec8d8a46db7b119618241985921bb63a2efd1c67
pki-base-java-10.5.18-23.el7_9.noarch.rpm
SHA-256: 06452642f3a7882d4c01200b82a7994460a83905621a66a35741bbb02540b2fa
pki-ca-10.5.18-23.el7_9.noarch.rpm
SHA-256: b78683a30263db54f2e3aa610ef96c7584908026e40d54d8479fcd9bc77b7a4d
pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 9ab38f9ef744b98899548bed581e8508e954295b1624c12d6c989661b29904a9
pki-javadoc-10.5.18-23.el7_9.noarch.rpm
SHA-256: 4dc94d54d34810f9651f87a6d7e52472519f38dac138ca58d8fbe034769853aa
pki-kra-10.5.18-23.el7_9.noarch.rpm
SHA-256: 738ee8146e0c421db9ddc4e80166249b68d5b5e01ab60c46d5cd4da76c74c7a8
pki-server-10.5.18-23.el7_9.noarch.rpm
SHA-256: 07e0c5533f092467b0c91fa55f9394eae77c65a398cdf745d3f9cff8b9780604
pki-symkey-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 6d37e00cc361f7765dadbf860f8b81eebbe6be8067e58a35885e759f583dced8
pki-tools-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 82d0aa45b3b854a64cfd119fefea6cce68bed9ea55b5a49859aee7b1e09fe7ad
Red Hat Enterprise Linux Workstation 7
SRPM
pki-core-10.5.18-23.el7_9.src.rpm
SHA-256: 7b319343ff8a26ad4c293464963140f8e853417291155cab46b31f6674b25721
x86_64
pki-base-10.5.18-23.el7_9.noarch.rpm
SHA-256: 2c523e2a6d3d275aaa4cf7f9ec8d8a46db7b119618241985921bb63a2efd1c67
pki-base-java-10.5.18-23.el7_9.noarch.rpm
SHA-256: 06452642f3a7882d4c01200b82a7994460a83905621a66a35741bbb02540b2fa
pki-ca-10.5.18-23.el7_9.noarch.rpm
SHA-256: b78683a30263db54f2e3aa610ef96c7584908026e40d54d8479fcd9bc77b7a4d
pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 9ab38f9ef744b98899548bed581e8508e954295b1624c12d6c989661b29904a9
pki-javadoc-10.5.18-23.el7_9.noarch.rpm
SHA-256: 4dc94d54d34810f9651f87a6d7e52472519f38dac138ca58d8fbe034769853aa
pki-kra-10.5.18-23.el7_9.noarch.rpm
SHA-256: 738ee8146e0c421db9ddc4e80166249b68d5b5e01ab60c46d5cd4da76c74c7a8
pki-server-10.5.18-23.el7_9.noarch.rpm
SHA-256: 07e0c5533f092467b0c91fa55f9394eae77c65a398cdf745d3f9cff8b9780604
pki-symkey-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 6d37e00cc361f7765dadbf860f8b81eebbe6be8067e58a35885e759f583dced8
pki-tools-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 82d0aa45b3b854a64cfd119fefea6cce68bed9ea55b5a49859aee7b1e09fe7ad
Red Hat Enterprise Linux Desktop 7
SRPM
pki-core-10.5.18-23.el7_9.src.rpm
SHA-256: 7b319343ff8a26ad4c293464963140f8e853417291155cab46b31f6674b25721
x86_64
pki-base-10.5.18-23.el7_9.noarch.rpm
SHA-256: 2c523e2a6d3d275aaa4cf7f9ec8d8a46db7b119618241985921bb63a2efd1c67
pki-base-java-10.5.18-23.el7_9.noarch.rpm
SHA-256: 06452642f3a7882d4c01200b82a7994460a83905621a66a35741bbb02540b2fa
pki-ca-10.5.18-23.el7_9.noarch.rpm
SHA-256: b78683a30263db54f2e3aa610ef96c7584908026e40d54d8479fcd9bc77b7a4d
pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 9ab38f9ef744b98899548bed581e8508e954295b1624c12d6c989661b29904a9
pki-javadoc-10.5.18-23.el7_9.noarch.rpm
SHA-256: 4dc94d54d34810f9651f87a6d7e52472519f38dac138ca58d8fbe034769853aa
pki-kra-10.5.18-23.el7_9.noarch.rpm
SHA-256: 738ee8146e0c421db9ddc4e80166249b68d5b5e01ab60c46d5cd4da76c74c7a8
pki-server-10.5.18-23.el7_9.noarch.rpm
SHA-256: 07e0c5533f092467b0c91fa55f9394eae77c65a398cdf745d3f9cff8b9780604
pki-symkey-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 6d37e00cc361f7765dadbf860f8b81eebbe6be8067e58a35885e759f583dced8
pki-tools-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 82d0aa45b3b854a64cfd119fefea6cce68bed9ea55b5a49859aee7b1e09fe7ad
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
pki-core-10.5.18-23.el7_9.src.rpm
SHA-256: 7b319343ff8a26ad4c293464963140f8e853417291155cab46b31f6674b25721
s390x
pki-base-10.5.18-23.el7_9.noarch.rpm
SHA-256: 2c523e2a6d3d275aaa4cf7f9ec8d8a46db7b119618241985921bb63a2efd1c67
pki-base-java-10.5.18-23.el7_9.noarch.rpm
SHA-256: 06452642f3a7882d4c01200b82a7994460a83905621a66a35741bbb02540b2fa
pki-ca-10.5.18-23.el7_9.noarch.rpm
SHA-256: b78683a30263db54f2e3aa610ef96c7584908026e40d54d8479fcd9bc77b7a4d
pki-core-debuginfo-10.5.18-23.el7_9.s390x.rpm
SHA-256: ffcd7d41680c61439893b78f88d7ced4bcc6dfa3bee5102d581288841e73a090
pki-javadoc-10.5.18-23.el7_9.noarch.rpm
SHA-256: 4dc94d54d34810f9651f87a6d7e52472519f38dac138ca58d8fbe034769853aa
pki-kra-10.5.18-23.el7_9.noarch.rpm
SHA-256: 738ee8146e0c421db9ddc4e80166249b68d5b5e01ab60c46d5cd4da76c74c7a8
pki-server-10.5.18-23.el7_9.noarch.rpm
SHA-256: 07e0c5533f092467b0c91fa55f9394eae77c65a398cdf745d3f9cff8b9780604
pki-symkey-10.5.18-23.el7_9.s390x.rpm
SHA-256: f0f17f5af9067277fd20644743449224ad0d60c547a9adefd824b7cd088b2b6c
pki-tools-10.5.18-23.el7_9.s390x.rpm
SHA-256: eb98a9182c55cee892288757bdde90015f7395704c043a5e8f170725d4faf9a3
Red Hat Enterprise Linux for Power, big endian 7
SRPM
pki-core-10.5.18-23.el7_9.src.rpm
SHA-256: 7b319343ff8a26ad4c293464963140f8e853417291155cab46b31f6674b25721
ppc64
pki-base-10.5.18-23.el7_9.noarch.rpm
SHA-256: 2c523e2a6d3d275aaa4cf7f9ec8d8a46db7b119618241985921bb63a2efd1c67
pki-base-java-10.5.18-23.el7_9.noarch.rpm
SHA-256: 06452642f3a7882d4c01200b82a7994460a83905621a66a35741bbb02540b2fa
pki-ca-10.5.18-23.el7_9.noarch.rpm
SHA-256: b78683a30263db54f2e3aa610ef96c7584908026e40d54d8479fcd9bc77b7a4d
pki-core-debuginfo-10.5.18-23.el7_9.ppc64.rpm
SHA-256: f8cb3d254a4b2472f1ffaaa1321647eab76a2554da0f83441e67bad518324245
pki-javadoc-10.5.18-23.el7_9.noarch.rpm
SHA-256: 4dc94d54d34810f9651f87a6d7e52472519f38dac138ca58d8fbe034769853aa
pki-kra-10.5.18-23.el7_9.noarch.rpm
SHA-256: 738ee8146e0c421db9ddc4e80166249b68d5b5e01ab60c46d5cd4da76c74c7a8
pki-server-10.5.18-23.el7_9.noarch.rpm
SHA-256: 07e0c5533f092467b0c91fa55f9394eae77c65a398cdf745d3f9cff8b9780604
pki-symkey-10.5.18-23.el7_9.ppc64.rpm
SHA-256: d46cffaea9b2327726a192e400665e0a1edafcfa510179b6780cdbd50fc7c200
pki-tools-10.5.18-23.el7_9.ppc64.rpm
SHA-256: a005c77b62b813ba516db38f34599aa5f72b5f531b66e2b60f9b6aa0559e0422
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
pki-core-10.5.18-23.el7_9.src.rpm
SHA-256: 7b319343ff8a26ad4c293464963140f8e853417291155cab46b31f6674b25721
x86_64
pki-base-10.5.18-23.el7_9.noarch.rpm
SHA-256: 2c523e2a6d3d275aaa4cf7f9ec8d8a46db7b119618241985921bb63a2efd1c67
pki-base-java-10.5.18-23.el7_9.noarch.rpm
SHA-256: 06452642f3a7882d4c01200b82a7994460a83905621a66a35741bbb02540b2fa
pki-ca-10.5.18-23.el7_9.noarch.rpm
SHA-256: b78683a30263db54f2e3aa610ef96c7584908026e40d54d8479fcd9bc77b7a4d
pki-core-debuginfo-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 9ab38f9ef744b98899548bed581e8508e954295b1624c12d6c989661b29904a9
pki-javadoc-10.5.18-23.el7_9.noarch.rpm
SHA-256: 4dc94d54d34810f9651f87a6d7e52472519f38dac138ca58d8fbe034769853aa
pki-kra-10.5.18-23.el7_9.noarch.rpm
SHA-256: 738ee8146e0c421db9ddc4e80166249b68d5b5e01ab60c46d5cd4da76c74c7a8
pki-server-10.5.18-23.el7_9.noarch.rpm
SHA-256: 07e0c5533f092467b0c91fa55f9394eae77c65a398cdf745d3f9cff8b9780604
pki-symkey-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 6d37e00cc361f7765dadbf860f8b81eebbe6be8067e58a35885e759f583dced8
pki-tools-10.5.18-23.el7_9.x86_64.rpm
SHA-256: 82d0aa45b3b854a64cfd119fefea6cce68bed9ea55b5a49859aee7b1e09fe7ad
Red Hat Enterprise Linux for Power, little endian 7
SRPM
pki-core-10.5.18-23.el7_9.src.rpm
SHA-256: 7b319343ff8a26ad4c293464963140f8e853417291155cab46b31f6674b25721
ppc64le
pki-base-10.5.18-23.el7_9.noarch.rpm
SHA-256: 2c523e2a6d3d275aaa4cf7f9ec8d8a46db7b119618241985921bb63a2efd1c67
pki-base-java-10.5.18-23.el7_9.noarch.rpm
SHA-256: 06452642f3a7882d4c01200b82a7994460a83905621a66a35741bbb02540b2fa
pki-ca-10.5.18-23.el7_9.noarch.rpm
SHA-256: b78683a30263db54f2e3aa610ef96c7584908026e40d54d8479fcd9bc77b7a4d
pki-core-debuginfo-10.5.18-23.el7_9.ppc64le.rpm
SHA-256: 4bf6e7d8893e8da26a2524696be15dcef905612e73f59b120dd4e0136f6a95a0
pki-core-debuginfo-10.5.18-23.el7_9.ppc64le.rpm
SHA-256: 4bf6e7d8893e8da26a2524696be15dcef905612e73f59b120dd4e0136f6a95a0
pki-javadoc-10.5.18-23.el7_9.noarch.rpm
SHA-256: 4dc94d54d34810f9651f87a6d7e52472519f38dac138ca58d8fbe034769853aa
pki-kra-10.5.18-23.el7_9.noarch.rpm
SHA-256: 738ee8146e0c421db9ddc4e80166249b68d5b5e01ab60c46d5cd4da76c74c7a8
pki-server-10.5.18-23.el7_9.noarch.rpm
SHA-256: 07e0c5533f092467b0c91fa55f9394eae77c65a398cdf745d3f9cff8b9780604
pki-symkey-10.5.18-23.el7_9.ppc64le.rpm
SHA-256: ba94f64a962c18bdd72b25886d592e5d92224062701fdfe104d93b765a0c0452
pki-tools-10.5.18-23.el7_9.ppc64le.rpm
SHA-256: a43fb42ffbaf519a265ca0174a87086cdae37684fa55dbc052e46b23a100534a
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2023-3394-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
An update for the pki-core:10.6 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2393: A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able t...
An update for jss, ldapjdk, pki-core, and tomcatjss is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2393: A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt mess...
Red Hat Security Advisory 2022-7086-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
Red Hat Security Advisory 2022-7077-01 - Updated CVE security packages are now available for Red Hat Certificate System 9.7.
Updated CVE security packages are now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References sectionThis content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2393: pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.