Filters

Software

freeipa freeipa
19

redhat/FreeIPAFreeipa: delegation rules allow a proxy service to impersonate any user to access another target service

high
8.8
First published (updated )
CVE-2024-2698

Freeipa FreeipaIpa: invalid csrf protection

high
8.1
First published (updated )
CVE-2023-5455

Redhat Enterprise LinuxA flaw was found in IPA. When sending a very long password (>= 1,000,000 characters) to the server, …

medium
5.4
First published (updated )
CVE-2020-1722

Freeipa Freeipaipa 3.0 does not properly check server identity before sending credential containing cookies

high
8.8
First published (updated )
CVE-2012-5631

Freeipa FreeipaCode Injection

high
8.8
First published (updated )
CVE-2019-14867

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Redhat Enterprise LinuxA flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache aft…

medium
5.6
First published (updated )
CVE-2019-14826

Freeipa FreeipaInfoleak

medium
6.5
First published (updated )
CVE-2019-10195

Redhat Enterprise Linux Server EusA vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did no…

high
8.1
First published (updated )
CVE-2017-2590

Freeipa FreeipaFreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass intended account-lo…

high
8.8
First published (updated )
CVE-2017-11191

Freeipa FreeipaInfoleak

high
7.5
First published (updated )
CVE-2017-12169

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Freeipa FreeipaIpa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's perm…

medium
6.5
First published (updated )
CVE-2016-9575

Fedoraproject FedoraThe cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which all…

medium
6.5
First published (updated )
CVE-2016-5404

Freeipa FreeipaFreeIPA uses a default password policy that locks an account after 5 unsuccessful authentication att…

high
7.5
First published (updated )
CVE-2016-7030

Freeipa FreeipaFreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services.

high
7.5
First published (updated )
CVE-2016-5414

Freeipa FreeipaInfoleak

critical
9.8
First published (updated )
CVE-2015-5284

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Freeipa FreeipaInput Validation

high
7.5
First published (updated )
CVE-2015-5179

Fedoraproject FedoraThe get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly real…

medium
5
First published (updated )
CVE-2015-1827

Freeipa FreeipaXSS

medium
4.3
First published (updated )
CVE-2014-7850

Freeipa FreeipaFreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to b…

low
3.5
First published (updated )
CVE-2014-7828

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203