15 matches found
RLSA-2025:20928 Important: ipa security update
Rocky Enterprise Software Foundation: Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA...
EUVD-2015-5263
Malware in sbrugna...
EUVD-2024-17231
Malicious code in bioql PyPI...
RHSA-2025:17088 Red Hat Security Advisory: ipa security update
Bulletin has no description...
ROS-20250729-07
A vulnerability in FreeIPA's centralized user identity management system is related to improper access control. Exploitation of the vulnerability could allow a remote attacker to escalate privileges to the level of a domain administrator and impact the domain...
Linux Distros Unpatched Vulnerability : CVE-2023-5455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user...
Fedora 41 : freeipa (2025-b21777d1b5)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b21777d1b5 advisory. CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html Tenable has extracted the preceding description block directly from the Fedora...
Fedora 40 : freeipa (2025-6baf694c75)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6baf694c75 advisory. CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html Tenable has extracted the preceding description block directly from the Fedora...
CVE-2024-11029
CVE-2024-11029 is a real vulnerability affecting FreeIPA via an API audit flaw that leaks administrator credentials to systemd journal when the FreeIPA installation process logs the full command line. Connected advisories confirm affected packages (FreeIPA) across multiple distributions (e.g., Fe...
Medium: ipa
Issue Overview: A flaw was found in FreeIPA. This issue may allow a remote attacker to craft an HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service. CVE-2024-1481 Affected Packages: ipa Note: This advisory ...
GHSA-W4Q7-F34X-VPGC FreeIPA logs passwords embedded in commands in calls using batch
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with...
CVE-2017-11191
FreeIPA 4.x with API version 2.213 allows remote authenticated users to bypass intended account-locking restrictions via an unlock action with an old session ID for the same user account that had been created for an earlier session. NOTE: Vendor states that issue does not exist in product and...
CVE-2015-5284
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable...
CVE-2016-5414
FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services...
CVE-2013-0199
The CVE-2013-0199 entry affects FreeIPA 3.0 before 3.1.2. The default LDAP ACIs fail to restrict access to ipaNTTrustAuthIncoming and ipaNTTrustAuthOutgoing, enabling remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors. The vulnerability arises from overly permis...