Vulners
Lucene search
CVE-2025-4404
🗓️ 17 Jun 2025 13:39:17Reported by redhatType 
cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 110 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 117 |
|---|---|---|---|---|
 | Security Bulletin: Vulnerability in FreeIPA affects IBM Netezza Appliance | 22 Apr 202613:18 | – | ibm |
 | Exploit for CVE-2025-4404 | 9 Aug 202507:19 | – | githubexploit |
 | Amazon Linux 2 : ipa (ALAS-2025-2901) | 25 Jun 202500:00 | – | nessus |
| Alibaba Cloud Linux 3 : 0116: idm:DL1 (ALINUX3-SA-2025:0116) | 22 Jul 202500:00 | – | nessus |
| Alibaba Cloud Linux 3 : 0162: idm:DL1 (ALINUX3-SA-2025:0162) | 16 Oct 202500:00 | – | nessus |
| AlmaLinux 9 : ipa (ALSA-2025:9184) | 30 Jun 202500:00 | – | nessus |
| AlmaLinux 8 : idm:DL1 (ALSA-2025:9188) | 30 Jun 202500:00 | – | nessus |
| AlmaLinux 10 : ipa (ALSA-2025:9190) | 9 Oct 202500:00 | – | nessus |
| MiracleLinux 8 : idm:DL1 (AXSA:2025-10036:01) | 13 Jan 202600:00 | – | nessus |
| MiracleLinux 9 : ipa-4.12.2-14.el9_6.1 (AXSA:2025-10543:04) | 13 Jan 202600:00 | – | nessus |
10
[
{
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "4.12.4",
"versionType": "semver"
}
],
"packageName": "freeipa",
"collectionURL": "https://www.freeipa.org/",
"defaultStatus": "unaffected"
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 10",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ipa",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.12.2-15.el10_0.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.0"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ipa",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.6.8-5.el7_9.18",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/o:redhat:rhel_els:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8100020250603150652.143e9e98",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8100020250603134209.823393f5",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8020020250609031831.50ea30f9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8020020250609030144.792f4060",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8040020250609101903.f153676a",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8040020250609095221.5b01ab7e",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8060020250606060927.c1533a64",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8060020250606060504.ada582f1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8060020250606060927.c1533a64",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8060020250606060504.ada582f1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8060020250606060927.c1533a64",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8060020250606060504.ada582f1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8080020250604195510.e581a9e4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8080020250604202433.b0a6ceea",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:client",
"defaultStatus": "affected",
"versions": [
{
"version": "8080020250604195510.e581a9e4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "idm:DL1",
"defaultStatus": "affected",
"versions": [
{
"version": "8080020250604202433.b0a6ceea",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/a:redhat:rhel_tus:8.8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ipa",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.12.2-14.el9_6.1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb",
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ipa",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.9.8-11.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ipa",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.10.1-12.el9_2.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ipa",
"defaultStatus": "affected",
"versions": [
{
"version": "0:4.11.0-15.el9_4.5",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::crb",
"cpe:/a:redhat:rhel_eus:9.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ipa",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
}
]10
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| krbCanonicalName | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| krbPrincipalName | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| ipaKrbPrincipalAlias | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| krbPrincipalName: test/[email protected] | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| krbCanonicalName: [email protected] | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| dn: krbprincipalname=test/[email protected],cn=services,cn=accounts,dc=test,dc=local | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| objectClass: ipaKrbPrincipal | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| objectClass: ipaObject | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| objectClass: ipaService | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
| objectClass: krbPrincipal | nested | ldap://dc1.test.local | Privilege escalation via manipulation of krbCanonicalName/krbPrincipalName in FreeIPA services; attacker can create a service with admin-like canonical name | CWE-1220 |
10
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 09:33Current
7.1High risk
Vulners AI Score7.1
CVSS 3.19.1
EPSS0.01827
SSVC