6 matches found
ROS-20240402-09
A vulnerability in the loginpassword component of the FreeIpa server is related to sending user requests, that can perform actions on behalf of the user. Exploitation of the vulnerability could allow An attacker acting remotely to cause a loss of system confidentiality and integrity...
Amazon Linux 2 : ipa (ALAS-2024-2457)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2457 advisory. A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform...
Medium: ipa
Issue Overview: A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system...
AlmaLinux 9 : ipa (ALSA-2024:0141)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0141 advisory. - A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user...
CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...
CVE-2023-5455
A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During...