8 results (0.006 seconds)

CVSS: 6.5EPSS: 0%CPEs: 59EXPL: 0

CVE-2023-5455 – Ipa: invalid csrf protection

https://notcve.org/view.php?id=CVE-2023-5455

A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt. • https://access.redhat.com/errata/RHSA-2024:0137 https://access.redhat.com/errata/RHSA-2024:0138 https://access.redhat.com/errata/RHSA-2024:0139 https://access.redhat.com/errata/RHSA-2024:0140 https://access.redhat.com/errata/RHSA-2024:0141 https://access.redhat.com/errata/RHSA-2024:0142 https://access.redhat.com/errata/RHSA-2024:0143 https://access.redhat.com/errata/RHSA-2024:0144 https://access.redhat.com/errata/RHSA-2024:0145 https://access.redhat.com/errata/RHSA • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-5284

https://notcve.org/view.php?id=CVE-2015-5284

ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable. ipa-kra-install en FreeIPA en versiones anteriores a la 4.2.2 coloca el certificado de agente CA y la clave privada en /etc/httpd/alias/kra-agent.pem, que puede leer todo el mundo. • https://bugzilla.redhat.com/attachment.cgi?id=1075511 https://bugzilla.redhat.com/show_bug.cgi?id=1264790 https://pagure.io/freeipa/issue/5347 https://www.redhat.com/archives/freeipa-interest/2015-October/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2015-5179

https://notcve.org/view.php?id=CVE-2015-5179

FreeIPA might display user data improperly via vectors involving non-printable characters. FreeIPA podría mostrar de forma incorrecta datos de usuario mediante vectores que incluyen caracteres que no se pueden imprimir. • https://bugzilla.redhat.com/show_bug.cgi?id=1252567 https://pagure.io/freeipa/issue/5153 • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 0

CVE-2017-2590 – ipa: Insufficient permission check for ca-del, ca-disable and ca-enable commands

https://notcve.org/view.php?id=CVE-2017-2590

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys. Se ha encontrado una vulnerabilidad en ipa en versiones anteriores a la 4.4. Los comandos ca-del, ca-disable, y ca-enable de IdM no comprobaban correctamente los permisos del usuario mientras modificaban las CA en Dogtag. • http://rhn.redhat.com/errata/RHSA-2017-0388.html http://www.securityfocus.com/bid/96557 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2590 https://access.redhat.com/security/cve/CVE-2017-2590 https://bugzilla.redhat.com/show_bug.cgi?id=1413137 • CWE-275: Permission Issues CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.0EPSS: 2%CPEs: 3EXPL: 0

CVE-2015-1827 – ipa: memory corruption when using get_user_grouplist()

https://notcve.org/view.php?id=CVE-2015-1827

The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups. La función get_user_grouplist en el plug-in extdom en FreeIPA en versiones anteriores a 4.1.4 no reasigna memoria correctamente cuando procesa las cuentas de usuarios, lo que permite a atacantes remotos causar denegación de servicio (caída) a través de una solicitud de lista de grupo para un usuario que pertenece a un número grande de grupos. It was discovered that the IPA extdom Directory Server plug-in did not correctly perform memory reallocation when handling user account information. A request for a list of groups for a user that belongs to a large number of groups would cause a Directory Server to crash. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154314.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154103.html http://rhn.redhat.com/errata/RHSA-2015-0728.html http://www.securityfocus.com/bid/73376 https://bugzilla.redhat.com/show_bug.cgi?id=1205200 https://fedorahosted.org/freeipa/ticket/4908 https://access.redhat.com/security/cve/CVE-2015-1827 • CWE-19: Data Processing Errors CWE-131: Incorrect Calculation of Buffer Size •