CentOS ProjectCESA-2016:1797ipa security update
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
59.8%
CentOS Errata and Security Advisory CESA-2016:1797
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
Security Fix(es):
- An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the ‘retrieve certificate’ permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack. (CVE-2016-5404)
This issue was discovered by Fraser Tweedale (Red Hat).
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2016-September/084219.html
https://lists.centos.org/pipermail/centos-announce/2016-September/084222.html
Affected packages:
ipa-admintools
ipa-client
ipa-python
ipa-server
ipa-server-dns
ipa-server-selinux
ipa-server-trust-ad
Upstream details at:
https://access.redhat.com/errata/RHSA-2016:1797
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 6 | i686 | ipa-admintools | < 3.0.0-50.el6.centos.2 | ipa-admintools-3.0.0-50.el6.centos.2.i686.rpm |
| CentOS | 6 | i686 | ipa-client | < 3.0.0-50.el6.centos.2 | ipa-client-3.0.0-50.el6.centos.2.i686.rpm |
| CentOS | 6 | i686 | ipa-python | < 3.0.0-50.el6.centos.2 | ipa-python-3.0.0-50.el6.centos.2.i686.rpm |
| CentOS | 6 | i686 | ipa-server | < 3.0.0-50.el6.centos.2 | ipa-server-3.0.0-50.el6.centos.2.i686.rpm |
| CentOS | 6 | i686 | ipa-server-selinux | < 3.0.0-50.el6.centos.2 | ipa-server-selinux-3.0.0-50.el6.centos.2.i686.rpm |
| CentOS | 6 | i686 | ipa-server-trust-ad | < 3.0.0-50.el6.centos.2 | ipa-server-trust-ad-3.0.0-50.el6.centos.2.i686.rpm |
| CentOS | 6 | x86_64 | ipa-admintools | < 3.0.0-50.el6.centos.2 | ipa-admintools-3.0.0-50.el6.centos.2.x86_64.rpm |
| CentOS | 6 | x86_64 | ipa-client | < 3.0.0-50.el6.centos.2 | ipa-client-3.0.0-50.el6.centos.2.x86_64.rpm |
| CentOS | 6 | x86_64 | ipa-python | < 3.0.0-50.el6.centos.2 | ipa-python-3.0.0-50.el6.centos.2.x86_64.rpm |
| CentOS | 6 | x86_64 | ipa-server | < 3.0.0-50.el6.centos.2 | ipa-server-3.0.0-50.el6.centos.2.x86_64.rpm |
Related
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
59.8%