6.4 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.7%
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
osvdb.org/89539
www.freeipa.org/page/CVE-2013-0199
www.freeipa.org/page/Releases/3.1.2
www.securityfocus.com/bid/57542
exchange.xforce.ibmcloud.com/vulnerabilities/81486