28 matches found
MiracleLinux 9 : ipa-4.10.2-5.el9_3.ML.1 (AXSA:2024-7393:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7393:01 advisory. ipa: Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
TencentOS Server 2: ipa (TSSA-2024:0010)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0010 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2023-5455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user...
Fedora: Security Advisory (FEDORA-2024-4a8d4aedcb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for ipa-client (CESA-2024:0145)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: ipa
Issue Overview: A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system...
Amazon Linux 2 : ipa (ALAS-2024-2457)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2457 advisory. A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform...
Fedora: Security Advisory (FEDORA-2024-9ab2666594)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : freeipa (2024-9ab2666594)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9ab2666594 advisory. Security update for CVE-2023-5455 Release notes: https://www.freeipa.org/release-notes/4-11-1.html Tenable has extracted the preceding description block...
Moderate: Red Hat Security Advisory: krb5 security update
An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Oracle Linux 8 : idm:DL1 (ELSA-2024-0143)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0143 advisory. - Resolves: 2242828 Invalid CSRF protection CVE-2023-5455 ipa-healthcheck opendnssec python-jwcrypto python-kdcproxy Tenable has extracted the precedin...
idm:DL1 security update
An update is available for module.python-qrcode, custodia, opendnssec, module.opendnssec, ipa-healthcheck, python-yubico, module.pyusb, module.softhsm, softhsm, module.python-yubico, module.slapi-nis, module.ipa-healthcheck, python-qrcode, module.custodia, pyusb, module.python-kdcproxy,...
Rocky Linux 8 : idm:DL1 (RLSA-2024:0143)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0143 advisory. - A security feature bypass vulnerability exists in the way Key Distribution Center KDC determines if a service ticket can be used for delegation via...
AlmaLinux 9 : ipa (ALSA-2024:0141)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0141 advisory. - A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user...
Oracle Linux 9 : ipa (ELSA-2024-0141)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0141 advisory. 4.10.2-5.0.1 - Resolves: 2242828 Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding description block directly from the Oracle Linux...
Moderate: Red Hat Security Advisory: ipa security update
An update for ipa is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: ipa security update
An update for ipa is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: ipa security update
An update for ipa is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Moderate: Red Hat Security Advisory: idm:DL1 security update
An update for the idm:DL1 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...