Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

IPA Security Vulnerabilities

cve
cve

CVE-2020-1722

A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this...

5.3CVSS

5.4AI Score

0.001EPSS

2020-04-27 09:15 PM
118
cve
cve

CVE-2019-14867

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger...

8.8CVSS

8.6AI Score

0.011EPSS

2019-11-27 09:15 AM
94
cve
cve

CVE-2019-10195

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with.....

6.5CVSS

7.2AI Score

0.001EPSS

2019-11-27 08:15 AM
59
cve
cve

CVE-2012-5631

ipa 3.0 does not properly check server identity before sending credential containing...

8.8CVSS

8.7AI Score

0.016EPSS

2019-11-25 03:15 PM
22
cve
cve

CVE-2019-14826

A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the...

4.4CVSS

4.8AI Score

0.0004EPSS

2019-09-17 04:15 PM
47
cve
cve

CVE-2017-2590

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service....

8.1CVSS

7.7AI Score

0.001EPSS

2018-07-27 06:29 PM
38
cve
cve

CVE-2016-9575

Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary...

6.3CVSS

6.3AI Score

0.001EPSS

2018-03-13 01:29 PM
33
cve
cve

CVE-2017-12169

It was found that FreeIPA 4.2.0 and later could disclose password hashes to users having the 'System: Read Stage Users' permission. A remote, authenticated attacker could potentially use this flaw to disclose the password hashes belonging to Stage Users. This security issue does not result in...

7.5CVSS

7.3AI Score

0.002EPSS

2018-01-10 03:29 PM
34