CVE-2023-5455

Ipa: invalid csrf protection

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.

Existe una vulnerabilidad de Cross-site request forgery en ipa/session/login_password en todas las versiones compatibles de IPA. Este fallo permite a un atacante engañar al usuario para que envíe una solicitud que podría realizar acciones como el usuario, lo que resulta en una pérdida de confidencialidad e integridad del sistema. Durante las pruebas de penetración de la comunidad, se descubrió que para ciertos endpoints HTTP, FreeIPA no garantizan la protección CSRF. Debido a los detalles de implementación, no se puede utilizar este fallo para reflejar una cookie que represente a un usuario que ya inició sesión. Un atacante siempre tendría que realizar un nuevo intento de autenticación.

*Credits: N/A

CVSS Scores

NISTv3.1 6.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-10-09 CVE Reserved
2024-01-10 CVE Published
2024-02-21 EPSS Updated
2024-11-14 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-352: Cross-Site Request Forgery (CSRF)

CAPEC

References (18)

URL	Tag	Source
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U76DAZZVY7V4XQBOOV5ETPTHW3A6MW5O	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFNUQH7IOHTKCTKQWFHONWGUBOUANL6I	Mailing List
https://www.freeipa.org/release-notes/4-10-3.html	Release Notes
https://www.freeipa.org/release-notes/4-11-1.html	Release Notes
https://www.freeipa.org/release-notes/4-6-10.html	Release Notes
https://www.freeipa.org/release-notes/4-9-14.html	Release Notes

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2024:0137	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0138	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0139	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0140	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0141	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0142	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0143	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0144	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0145	2024-02-20
https://access.redhat.com/errata/RHSA-2024:0252	2024-02-20
https://access.redhat.com/security/cve/CVE-2023-5455	2024-01-15
https://bugzilla.redhat.com/show_bug.cgi?id=2242828	2024-01-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Freeipa Search vendor "Freeipa"		Freeipa Search vendor "Freeipa" for product "Freeipa"				< 4.6.10 Search vendor "Freeipa" for product "Freeipa" and version " < 4.6.10"		-		Affected
Freeipa Search vendor "Freeipa"		Freeipa Search vendor "Freeipa" for product "Freeipa"				>= 4.7.0 < 4.9.14 Search vendor "Freeipa" for product "Freeipa" and version " >= 4.7.0 < 4.9.14"		-		Affected
Freeipa Search vendor "Freeipa"		Freeipa Search vendor "Freeipa" for product "Freeipa"				>= 4.10.0 < 4.10.3 Search vendor "Freeipa" for product "Freeipa" and version " >= 4.10.0 < 4.10.3"		-		Affected
Freeipa Search vendor "Freeipa"		Freeipa Search vendor "Freeipa" for product "Freeipa"				4.11.0 Search vendor "Freeipa" for product "Freeipa" and version "4.11.0"		-		Affected
Freeipa Search vendor "Freeipa"		Freeipa Search vendor "Freeipa" for product "Freeipa"				4.11.0 Search vendor "Freeipa" for product "Freeipa" and version "4.11.0"		beta1		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				38 Search vendor "Fedoraproject" for product "Fedora" and version "38"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				39 Search vendor "Fedoraproject" for product "Fedora" and version "39"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				40 Search vendor "Fedoraproject" for product "Fedora" and version "40"		-		Affected
Redhat Search vendor "Redhat"		Codeready Linux Builder Search vendor "Redhat" for product "Codeready Linux Builder"				-		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"		arm64		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				8.4 Search vendor "Redhat" for product "Enterprise Linux" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				8.6 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				8.6 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.6"		arm64		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				8.8 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.8"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				9.0 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus"				9.2 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Arm 64 Eus Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus"				8.8 Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" and version "8.8"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Arm 64 Eus Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus"				9.0 Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Arm 64 Eus Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus"				9.2 Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems"				8.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "8.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems"				9.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"				8.6 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"				8.8 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.8"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"				9.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"				9.2 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Big Endian Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Power Big Endian" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian"				8.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "8.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian"				9.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"				8.6 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"				8.8 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.8"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"				9.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"				9.2 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux For Scientific Computing Search vendor "Redhat" for product "Enterprise Linux For Scientific Computing"				7.0 Search vendor "Redhat" for product "Enterprise Linux For Scientific Computing" and version "7.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				9.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "9.0"		arm64		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				9.2 Search vendor "Redhat" for product "Enterprise Linux Server" and version "9.2"		arm64		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				8.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				8.4 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				8.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "8.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus"				9.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux Server For Ibm Z Systems"				9.2 Search vendor "Redhat" for product "Enterprise Linux Server For Ibm Z Systems" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions"				8.2 Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions"				8.4 Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions"				8.6 Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" and version "8.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				8.2 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				8.4 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "8.4"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus"				8.6 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "8.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				8.2 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "8.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				8.6 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "8.6"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				9.0 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions"				9.2 Search vendor "Redhat" for product "Enterprise Linux Server Update Services For Sap Solutions" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Update Services For Sap Solutions"				9.0 Search vendor "Redhat" for product "Enterprise Linux Update Services For Sap Solutions" and version "9.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Update Services For Sap Solutions"				9.2 Search vendor "Redhat" for product "Enterprise Linux Update Services For Sap Solutions" and version "9.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation"				7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0"		-		Affected