6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
59.8%
CentOS Errata and Security Advisory CESA-2016:1797
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
Security Fix(es):
This issue was discovered by Fraser Tweedale (Red Hat).
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2016-September/084219.html
https://lists.centos.org/pipermail/centos-announce/2016-September/084222.html
Affected packages:
ipa-admintools
ipa-client
ipa-python
ipa-server
ipa-server-dns
ipa-server-selinux
ipa-server-trust-ad
Upstream details at:
https://access.redhat.com/errata/RHSA-2016:1797
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | ipa-admintools | < 3.0.0-50.el6.centos.2 | ipa-admintools-3.0.0-50.el6.centos.2.i686.rpm |
CentOS | 6 | i686 | ipa-client | < 3.0.0-50.el6.centos.2 | ipa-client-3.0.0-50.el6.centos.2.i686.rpm |
CentOS | 6 | i686 | ipa-python | < 3.0.0-50.el6.centos.2 | ipa-python-3.0.0-50.el6.centos.2.i686.rpm |
CentOS | 6 | i686 | ipa-server | < 3.0.0-50.el6.centos.2 | ipa-server-3.0.0-50.el6.centos.2.i686.rpm |
CentOS | 6 | i686 | ipa-server-selinux | < 3.0.0-50.el6.centos.2 | ipa-server-selinux-3.0.0-50.el6.centos.2.i686.rpm |
CentOS | 6 | i686 | ipa-server-trust-ad | < 3.0.0-50.el6.centos.2 | ipa-server-trust-ad-3.0.0-50.el6.centos.2.i686.rpm |
CentOS | 6 | x86_64 | ipa-admintools | < 3.0.0-50.el6.centos.2 | ipa-admintools-3.0.0-50.el6.centos.2.x86_64.rpm |
CentOS | 6 | x86_64 | ipa-client | < 3.0.0-50.el6.centos.2 | ipa-client-3.0.0-50.el6.centos.2.x86_64.rpm |
CentOS | 6 | x86_64 | ipa-python | < 3.0.0-50.el6.centos.2 | ipa-python-3.0.0-50.el6.centos.2.x86_64.rpm |
CentOS | 6 | x86_64 | ipa-server | < 3.0.0-50.el6.centos.2 | ipa-server-3.0.0-50.el6.centos.2.x86_64.rpm |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
59.8%