The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of FreeIPA

computer vulnerability bulletin 27098

FreeIPA: privilege escalation via Authn/TOTP

Synthesis of the vulnerability

An attacker can bypass restrictions via Authn/TOTP of FreeIPA, in order to escalate his privileges.
Impacted products: Fedora, FreeIPA.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: user account.
Creation date: 28/08/2018.
Identifiers: 7262, FEDORA-2018-39051f69b7, VIGILANCE-VUL-27098.

Description of the vulnerability

An attacker can bypass restrictions via Authn/TOTP of FreeIPA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-12169

FreeIPA: information disclosure via Read Stage Users

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Read Stage Users of FreeIPA, in order to obtain sensitive information.
Impacted products: FreeIPA.
Severity: 2/4.
Consequences: user access/rights, data reading.
Provenance: user account.
Creation date: 11/01/2018.
Identifiers: 1487697, CVE-2017-12169, VIGILANCE-VUL-25026.

Description of the vulnerability

An attacker can bypass access restrictions to data via Read Stage Users of FreeIPA, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2016-5414

FreeIPA: Man-in-the-Middle via CA SubjectAltNames ACL

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle via CA SubjectAltNames ACL on FreeIPA, in order to read or write data in the session.
Impacted products: FreeIPA.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: internet server.
Creation date: 28/06/2017.
Identifiers: 1360757, CVE-2016-5414, VIGILANCE-VUL-23094.

Description of the vulnerability

An attacker can act as a Man-in-the-Middle via CA SubjectAltNames ACL on FreeIPA, in order to read or write data in the session.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-2590

FreeIPA: privilege escalation via CA Commands

Synthesis of the vulnerability

An attacker can bypass restrictions via ca-del, ca-disable and ca-enable commands of FreeIPA, in order to escalate his privileges.
Impacted products: Fedora, FreeIPA, RHEL.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 03/03/2017.
Revision date: 16/03/2017.
Identifiers: CVE-2017-2590, FEDORA-2017-98f85533f0, RHSA-2017:0388-01, VIGILANCE-VUL-22008.

Description of the vulnerability

An attacker can bypass restrictions via ca-del, ca-disable and ca-enable commands of FreeIPA, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-7030 CVE-2016-9575

FreeIPA: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of FreeIPA.
Impacted products: Fedora, FreeIPA, RHEL.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 19/12/2016.
Revision date: 03/01/2017.
Identifiers: CVE-2016-7030, CVE-2016-9575, FEDORA-2016-ca1d1e1dc1, FEDORA-2016-d337166907, RHSA-2017:0001-01, VIGILANCE-VUL-21418.

Description of the vulnerability

Several vulnerabilities were announced in FreeIPA.

An authenticated attacker can change the validation rules for X.509 certificates via the command certprofile-mod, in order to install himself as a man in the middle or to trigger a denial of service. [severity:2/4; CVE-2016-9575]

An attacker can force locking of user account when Kerberos is used, in order to trigger a denial of service. [severity:3/4; CVE-2016-7030]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2016-6298

jwcrypto: information disclosure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of jwcrypto, in order to obtain sensitive information.
Impacted products: Fedora, FreeIPA.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 12/09/2016.
Identifiers: CVE-2016-6298, FEDORA-2016-7b4a60ae66, FEDORA-2016-dcf5cad792, VIGILANCE-VUL-20571.

Description of the vulnerability

An attacker can bypass access restrictions to data of jwcrypto, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-5404

FreeIPA: denial of service via cert_revoke

Synthesis of the vulnerability

An attacker, who has the "retrieve certificate" permission, can revoke certificates on FreeIPA, in order to trigger a denial of service.
Impacted products: Fedora, FreeIPA, RHEL.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: user shell.
Creation date: 18/08/2016.
Identifiers: 1351593, CVE-2016-5404, FEDORA-2016-7898627d08, FEDORA-2016-92a3655b70, RHSA-2016:1797-01, VIGILANCE-VUL-20426.

Description of the vulnerability

The FreeIPA product can be used to manage authentication certificates.

The cert_revoke command revokes a certificate. However, this command does not check if the user has the "revoke certificate" permission.

An attacker, who has the "retrieve certificate" permission, can therefore revoke certificates on FreeIPA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2015-5284

FreeIPA: private KRA key reading

Synthesis of the vulnerability

A local attacker can read the private KRA key of FreeIPA, in order to obtain sensitive information.
Impacted products: FreeIPA.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 09/10/2015.
Identifiers: CVE-2015-5284, VIGILANCE-VUL-18065.

Description of the vulnerability

The FreeIPA product can be configured with KPA (Password Vault).

In this case, the ipa-kra-install command stores the private key and the certificate in the /etc/httpd/alias/kra-agent.pem file. However, this file can be read by all local users.

A local attacker can therefore read the private KRA key of FreeIPA, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2015-0283

FreeIPA: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of FreeIPA.
Impacted products: FreeIPA.
Severity: 2/4.
Consequences: user access/rights, client access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 10/07/2015.
Identifiers: CVE-2015-0283, VIGILANCE-VUL-17345.

Description of the vulnerability

Several vulnerabilities were announced in FreeIPA.

An attacker can generate an infinite loop in slapi-nis, in order to trigger a denial of service. [severity:2/4; CVE-2015-0283]

An attacker can force a NULL pointer to be dereferenced in ipa-kdb, in order to trigger a denial of service. [severity:1/4]

An attacker can create several memory leaks in ipa, in order to trigger a denial of service. [severity:1/4]

An attacker can trigger a Cross Site Scripting in webui, in order to execute JavaScript code in the context of the web site. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about FreeIPA: