CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-0546

up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=106036724315539&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A631
http://marc.info/?l=bugtraq&m=106036724315539&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A631

Products affected by CVE-2003-0546

Redhat » Up2date » Version: 3.0.7-1

cpe:2.3:a:redhat:up2date:3.0.7-1
Redhat » Up2date » Version: 3.1.23-1

cpe:2.3:a:redhat:up2date:3.1.23-1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-0546

Products

Pricing

Contact Us