11 matches found
Astra Linux – Vulnerability in freeipa
There is a cross-site request forgery vulnerability in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions on behalf of the user, resulting in a loss of confidentiality and system integrity...
Amazon Linux 2 : ipa (ALAS-2024-2457)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2457 advisory. A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform...
Medium: ipa
Issue Overview: A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system...
SUSE CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...
AlmaLinux 9 : ipa (ALSA-2024:0141)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0141 advisory. - A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user...
AlmaLinux 8 : idm:DL1 (ALSA-2024:0143)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0143 advisory. Kerberos: delegation constrain bypass in S4U2Proxy CVE-2020-17049 ipa: Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding descripti...
ipa: Invalid CSRF protection
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...
ipa: Invalid CSRF protection
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...
DEBIAN-CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...
CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...
ipa: Invalid CSRF protection
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...