Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatEnterprise Ipa

3 matches found

CVE
CVEadded 2020/04/27 9:15 p.m.321 views

CVE-2020-1722

A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulner...

5.4CVSS5.4AI score0.00368EPSS
CVE
CVEadded 2019/09/17 4:15 p.m.75 views

CVE-2019-14826

A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.

5.6CVSS4.6AI score0.00068EPSS
CVE
CVEadded 2008/09/12 4:56 p.m.41 views

CVE-2008-3274

The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.

5CVSS6.2AI score0.00721EPSS