3 matches found
Fedora 39 : freeipa (2024-9ab2666594)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9ab2666594 advisory. Security update for CVE-2023-5455 Release notes: https://www.freeipa.org/release-notes/4-11-1.html Tenable has extracted the preceding description block...
CVE-2023-5455 Ipa: invalid csrf protection
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...
Oracle Linux 7 : ipa (ELSA-2024-0145)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0145 advisory. 4.6.8-5.0.1 - Blank out header-logo.png product-name.png - Replace login-screen-logo.png Orabug: 20362818 4.6.8-5.el79.16 - Resolves: RHEL-12570 ipa: Invalid CS...