(RHSA-2024:3758) Important: idm:DL1 security update

2024-06-1013:35:20

access.redhat.com

red hat identity management

security update

freeipa

hash password vulnerability

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

7.2

Confidence

Low

EPSS

Percentile

16.4%

JSON

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force (CVE-2024-3183)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanyx86_64opendnssec-debugsource< 1.4.14-1.module+el8.1.0+4098+f286395eopendnssec-debugsource-1.4.14-1.module+el8.1.0+4098+f286395e.x86_64.rpm
RedHatanynoarchipa-server-dns< 4.8.4-14.module+el8.2.0+21961+a256f806.4ipa-server-dns-4.8.4-14.module+el8.2.0+21961+a256f806.4.noarch.rpm
RedHatanyx86_64slapi-nis-debuginfo< 0.56.3-3.module+el8.2.0+10782+8facb0b2slapi-nis-debuginfo-0.56.3-3.module+el8.2.0+10782+8facb0b2.x86_64.rpm
RedHatanynoarchpython3-ipaclient< 4.8.4-14.module+el8.2.0+21961+a256f806.4python3-ipaclient-4.8.4-14.module+el8.2.0+21961+a256f806.4.noarch.rpm
RedHatanynoarchipa-healthcheck-core< 0.4-4.module+el8.2.0+5489+95477d9fipa-healthcheck-core-0.4-4.module+el8.2.0+5489+95477d9f.noarch.rpm
RedHatanyx86_64ipa-idoverride-memberof-plugin< 0.0.4-6.module+el8.1.0+4098+f286395eipa-idoverride-memberof-plugin-0.0.4-6.module+el8.1.0+4098+f286395e.x86_64.rpm
RedHatanyx86_64bind-dyndb-ldap< 11.2-3.module+el8.2.0+21753+7109ce90.3bind-dyndb-ldap-11.2-3.module+el8.2.0+21753+7109ce90.3.x86_64.rpm
RedHatanyx86_64softhsm-debugsource< 2.4.0-4.module+el8.2.0+5779+a38c524fsofthsm-debugsource-2.4.0-4.module+el8.2.0+5779+a38c524f.x86_64.rpm
RedHatanyx86_64ipa-client< 4.8.4-14.module+el8.2.0+21961+a256f806.4ipa-client-4.8.4-14.module+el8.2.0+21961+a256f806.4.x86_64.rpm
RedHatanynoarchpython3-yubico< 1.3.2-9.module+el8.1.0+4098+f286395epython3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	x86_64	opendnssec-debugsource	< 1.4.14-1.module+el8.1.0+4098+f286395e	opendnssec-debugsource-1.4.14-1.module+el8.1.0+4098+f286395e.x86_64.rpm
RedHat	any	noarch	ipa-server-dns	< 4.8.4-14.module+el8.2.0+21961+a256f806.4	ipa-server-dns-4.8.4-14.module+el8.2.0+21961+a256f806.4.noarch.rpm
RedHat	any	x86_64	slapi-nis-debuginfo	< 0.56.3-3.module+el8.2.0+10782+8facb0b2	slapi-nis-debuginfo-0.56.3-3.module+el8.2.0+10782+8facb0b2.x86_64.rpm
RedHat	any	noarch	python3-ipaclient	< 4.8.4-14.module+el8.2.0+21961+a256f806.4	python3-ipaclient-4.8.4-14.module+el8.2.0+21961+a256f806.4.noarch.rpm
RedHat	any	noarch	ipa-healthcheck-core	< 0.4-4.module+el8.2.0+5489+95477d9f	ipa-healthcheck-core-0.4-4.module+el8.2.0+5489+95477d9f.noarch.rpm
RedHat	any	x86_64	ipa-idoverride-memberof-plugin	< 0.0.4-6.module+el8.1.0+4098+f286395e	ipa-idoverride-memberof-plugin-0.0.4-6.module+el8.1.0+4098+f286395e.x86_64.rpm
RedHat	any	x86_64	bind-dyndb-ldap	< 11.2-3.module+el8.2.0+21753+7109ce90.3	bind-dyndb-ldap-11.2-3.module+el8.2.0+21753+7109ce90.3.x86_64.rpm
RedHat	any	x86_64	softhsm-debugsource	< 2.4.0-4.module+el8.2.0+5779+a38c524f	softhsm-debugsource-2.4.0-4.module+el8.2.0+5779+a38c524f.x86_64.rpm
RedHat	any	x86_64	ipa-client	< 4.8.4-14.module+el8.2.0+21961+a256f806.4	ipa-client-4.8.4-14.module+el8.2.0+21961+a256f806.4.x86_64.rpm
RedHat	any	noarch	python3-yubico	< 1.3.2-9.module+el8.1.0+4098+f286395e	python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm