CVSS3: 6.5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS2: 4 Medium
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N

EPSS: 0.001 Low
Percentile: 47.2%
A flaw was found in the way that FreeIPA’s batch processing API logged
operations, affecting all IPA 4.6.x versions before 4.6.7, all 4.7.x
versions before 4.7.4 and all 4.8.x versions before 4.8.3. The logged
operations included user passwords in clear text on FreeIPA masters. Batch
processing of commands with passwords as arguments or options is not
performed by default in FreeIPA, but third-party components can perform it.
An attacker with access to system logs on FreeIPA masters could use this
flaw to produce log file content with passwords exposed.
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10195
launchpad.net/bugs/cve/CVE-2019-10195
nvd.nist.gov/vuln/detail/CVE-2019-10195
pagure.io/freeipa/c/02ce407f5e10e670d4788778037892b58f80adc0
security-tracker.debian.org/tracker/CVE-2019-10195
www.cve.org/CVERecord?id=CVE-2019-10195
www.freeipa.org/page/Releases/4.6.7
www.freeipa.org/page/Releases/4.7.4
www.freeipa.org/page/Releases/4.8.3