CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2023-5455 – Ipa: invalid csrf protection
https://notcve.org/view.php?id=CVE-2023-5455
10 Jan 2024 — A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing alrea... • https://access.redhat.com/errata/RHSA-2024:0137 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5284
https://notcve.org/view.php?id=CVE-2015-5284
21 Sep 2017 — ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable. ipa-kra-install en FreeIPA en versiones anteriores a la 4.2.2 coloca el certificado de agente CA y la clave privada en /etc/httpd/alias/kra-agent.pem, que puede leer todo el mundo. • https://bugzilla.redhat.com/attachment.cgi?id=1075511 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-5179
https://notcve.org/view.php?id=CVE-2015-5179
20 Sep 2017 — FreeIPA might display user data improperly via vectors involving non-printable characters. FreeIPA podría mostrar de forma incorrecta datos de usuario mediante vectores que incluyen caracteres que no se pueden imprimir. • https://bugzilla.redhat.com/show_bug.cgi?id=1252567 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 0CVE-2017-2590 – ipa: Insufficient permission check for ca-del, ca-disable and ca-enable commands
https://notcve.org/view.php?id=CVE-2017-2590
03 Mar 2017 — A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys. Se ha encontrado una vulnerabilidad en ipa en versiones anteriores a la 4.4. Los comandos ca-del, ca-disable, y ca-enable de IdM no co... • http://rhn.redhat.com/errata/RHSA-2017-0388.html • CWE-275: Permission Issues CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2015-1827 – ipa: memory corruption when using get_user_grouplist()
https://notcve.org/view.php?id=CVE-2015-1827
26 Mar 2015 — The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups. La función get_user_grouplist en el plug-in extdom en FreeIPA en versiones anteriores a 4.1.4 no reasigna memoria correctamente cuando procesa las cuentas de usuarios, lo que permite a atacantes remotos causar denegación d... • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154314.html • CWE-19: Data Processing Errors CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 1CVE-2013-0336
https://notcve.org/view.php?id=CVE-2013-0336
03 Nov 2014 — The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA before 3.2.0 allows remote attackers to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 directory server. La función ipapwd_chpwop en daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c en el servidor del directorio (dirsrv) en FreeIPA anterior a 3.2.0 permite a atacantes remotos causar una denegación de servicio (caída) a ... • http://secunia.com/advisories/52763 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 27EXPL: 0CVE-2011-3636 – FreeIPA: CSRF vulnerability
https://notcve.org/view.php?id=CVE-2011-3636
08 Dec 2011 — Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes. Vulnerabilidad de falsificación de petición en sitios cruzados en el interfaz de gestión en FreeIPA antes de v2.1.4, permite a atacantes no identificados secuestrar la autenticación de administradores para peticiones que realizan cambios de configuración. • http://freeipa.org/page/IPAv2_214 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2008-3274 – IPA Kerberos master password disclosure
https://notcve.org/view.php?id=CVE-2008-3274
12 Sep 2008 — The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query. La configuración por defecto de Red Hat Enterprise IPA versión 1.0.0 y FreeIPA versiones anteriores a 1.1.1 pone ldap:///anyone en la ACL de lectura para el atributo krbMKey, lo que permite a atacantes remotos obtener la clave maestra de Kerberos utilizando una consulta ... • http://git.fedorahosted.org/git/freeipa.git/?p=freeipa.git%3Ba=commit%3Bh=9932887f2af38b9701efec27707648c026ec445c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •