What is the severity of RHSA-2024:0141?

The severity of RHSA-2024:0141 is classified as moderate.

How do I fix RHSA-2024:0141?

To fix RHSA-2024:0141, update the ipa packages to version 4.10.2-5.el9_3.

What vulnerabilities are addressed in RHSA-2024:0141?

RHSA-2024:0141 addresses an invalid CSRF protection vulnerability identified as CVE-2023-5455.

Which Red Hat products are affected by RHSA-2024:0141?

Red Hat Enterprise Linux for IBM z Systems, Power, little endian, and ARM 64 are affected by RHSA-2024:0141.

What is the nature of the ipa vulnerability in RHSA-2024:0141?

The ipa vulnerability in RHSA-2024:0141 relates to invalid CSRF protection, which could potentially allow unauthorized actions.

Vulnerability/
RHSA-2024:0141

medium

CWE

352

10/1/2024

RHSA-2024:0141: Moderate: ipa security update

First published: Wed Jan 10 2024(Updated: )

Moderate: ipa security update

Affected Software	Affected Version	How to fix
redhat/ipa	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-common	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-epn	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-samba	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-common	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-debugsource	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-selinux	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-common	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-dns	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-trust-ad	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-trust-ad-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/python3-ipaclient	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/python3-ipalib	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/python3-ipaserver	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-epn	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-samba	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-debugsource	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-trust-ad	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-trust-ad-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-epn	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client-samba	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-debugsource	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-trust-ad	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-server-trust-ad-debuginfo	<4.10.2-5.el9_3	4.10.2-5.el9_3
redhat/ipa-client	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-client-debuginfo	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-client-epn	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-client-samba	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-debuginfo	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-debugsource	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-server	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-server-debuginfo	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-server-trust-ad	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/ipa-server-trust-ad-debuginfo	<4.10.2-5.el9_3.aa	4.10.2-5.el9_3.aa
redhat/python3-ipatests	<4.10.2-5.el9_3	4.10.2-5.el9_3
Red Hat Enterprise Linux for IBM z Systems
Red Hat Red Hat Enterprise Linux for Power, little endian
Red Hat Enterprise Linux 8

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2024:0141?
The severity of RHSA-2024:0141 is classified as moderate.
How do I fix RHSA-2024:0141?
To fix RHSA-2024:0141, update the ipa packages to version 4.10.2-5.el9_3.
What vulnerabilities are addressed in RHSA-2024:0141?
RHSA-2024:0141 addresses an invalid CSRF protection vulnerability identified as CVE-2023-5455.
Which Red Hat products are affected by RHSA-2024:0141?
Red Hat Enterprise Linux for IBM z Systems, Power, little endian, and ARM 64 are affected by RHSA-2024:0141.
What is the nature of the ipa vulnerability in RHSA-2024:0141?
The ipa vulnerability in RHSA-2024:0141 relates to invalid CSRF protection, which could potentially allow unauthorized actions.

agent/last-modified-date
agent/type
agent/first-publish-date
agent/severity
agent/references
agent/weakness
agent/remedy
agent/title
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2024:0141
agent/software-canonical-lookup
agent/source
agent/softwarecombine
agent/tags
agent/event
collector/redhat-errata-latest
agent/software-canonical-lookup-request
package-manager/redhat
vendor/red hat
canonical/red hat enterprise linux for ibm z systems
canonical/red hat red hat enterprise linux for power, little endian
canonical/red hat enterprise linux 8