Enterprise Ipa@* Security Vulnerabilities and Issues — Enterprise Ipa@* CVE List

Lucene search

RedhatEnterprise Ipa*

3 matches found

CVE•added 2019/11/27 9:15 a.m.•130 views

CVE-2019-14867

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger pa...

8.8CVSS8.5AI score0.02727EPSS

CVE•added 2019/11/27 8:15 a.m.•101 views

CVE-2019-10195

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with p...

6.5CVSS7.1AI score0.00723EPSS

CVE•added 2019/09/17 4:15 p.m.•75 views

CVE-2019-14826

A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.

5.6CVSS4.6AI score0.00068EPSS