Red Hat IPA vulnerabilities

5 known vulnerabilities affecting red_hat/ipa.

Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 2, MEDIUM 3

Vulnerabilities

CVE-2020-1722 | MEDIUM | CVSS 5.3 | all ipa versions 4.x.x through 4.8.0 | 2020-04-27
CVE-2020-1722 [MEDIUM] CWE-400: A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.
Sources: cvelistv5, nvd
CVE-2019-14867 | HIGH | CVSS 8.8 | all IPA 4.6.x versions before 4.6.7; all IPA 4.7.x versions before 4.7.4; +1 more | 2019-11-27
CVE-2019-14867 [HIGH] CWE-94: A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed Kerberos key data. An unauthenticated attacker who could trigger parsing of the krb principal key could cause the IPA serv
Sources: cvelistv5, ghsa, nvd, osv
CVE-2019-10195 | MEDIUM | CVSS 6.5 | all IPA 4.6.x versions before 4.6.7; all IPA 4.7.x versions before 4.7.4; +1 more | 2019-11-27
CVE-2019-10195 [MEDIUM] CWE-200: A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with passwords as arguments or options is not performed by
Sources: cvelistv5, ghsa, nvd, osv
CVE-2019-14826 | MEDIUM | CVSS 4.4 | FreeIPA versions 4.5.0 and later | 2019-09-17
CVE-2019-14826 [MEDIUM] CWE-613: A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.
Sources: cvelistv5, nvd
CVE-2017-2590 | HIGH | CVSS 8.1 | 4.4 | 2018-07-27
CVE-2017-2590 [HIGH] CWE-732: A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and de
Sources: cvelistv5, nvd