cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-5455,https://securityvulnerability.io/vulnerability/CVE-2023-5455,Ipa: invalid csrf protection,"A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.",Red Hat,"ipa,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.2 Advanced Update Support,Red Hat Enterprise Linux 8.2 Telecommunications Update Service,Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Fedora",6.5,MEDIUM,0.0014700000174343586,false,,false,false,false,,,false,false,,2024-01-10T12:33:00.336Z,0
CVE-2020-1722,https://securityvulnerability.io/vulnerability/CVE-2020-1722,Denial of Service Vulnerability in IPA Server by Red Hat,"A vulnerability exists in Red Hat's IPA server versions 4.x.x up to 4.8.0, where an attacker can send an excessively long password (greater than 1,000,000 characters) to the server. This can lead to a significant drain on memory and CPU resources due to the password hashing process, potentially causing the server to become unresponsive. As a result, the availability of the system is threatened, leading to service disruption for legitimate users.",Red Hat,Ipa,5.3,MEDIUM,0.0008699999889358878,false,,false,false,false,,,false,false,,2020-04-27T20:46:52.000Z,0
CVE-2019-14867,https://securityvulnerability.io/vulnerability/CVE-2019-14867,Vulnerability in IPA Server Affects Kerberos Key Parsing,"A vulnerability exists in the IPA server affecting various versions that improperly utilizes the ber_scanf() function for parsing Kerberos key data. An unauthenticated attacker could exploit this flaw to trigger the parsing of the krb principal key. This may lead to the IPA server crashing or, in specific scenarios, allow the execution of arbitrary code on the host server. The issue is present in versions 4.6.x prior to 4.6.7, 4.7.x prior to 4.7.4, and 4.8.x prior to 4.8.3, highlighting the need for timely updates.",Red Hat,Ipa,8.8,HIGH,0.015639999881386757,false,,false,false,false,,,false,false,,2019-11-27T08:05:17.000Z,0
CVE-2019-10195,https://securityvulnerability.io/vulnerability/CVE-2019-10195,Clear Text Password Exposure in FreeIPA's Batch Processing API,"A vulnerability exists in FreeIPA where the batch processing API can inadvertently log user passwords in clear text on the FreeIPA masters. While batch processing with passwords is not enabled by default, it can be activated through third-party components. If an attacker gains access to system logs, they can exploit this flaw, leading to unauthorized exposure of sensitive information.",Red Hat,Ipa,5.7,MEDIUM,0.001769999973475933,false,,false,false,false,,,false,false,,2019-11-27T07:55:13.000Z,0
CVE-2019-14826,https://securityvulnerability.io/vulnerability/CVE-2019-14826,Session Cookie Retention Flaw in FreeIPA by Red Hat,"A vulnerability in FreeIPA versions 4.5.0 and later allows for session cookies to persist in the cache even after a user logs out. This flaw can be exploited by an attacker who obtains valid session cookies, potentially granting unauthorized access to the user's session. Proper management of session cookies is crucial to prevent unauthorized access and enhance security protocols.",Red Hat,Ipa,5.6,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-09-17T15:09:31.000Z,0
CVE-2017-2590,https://securityvulnerability.io/vulnerability/CVE-2017-2590,Permission Flaw in Dogtag Certificate Management by Red Hat,"A permissions flaw exists in the Dogtag component of Red Hat's Identity Management (IdM). This vulnerability affects the 'ca-del', 'ca-disable', and 'ca-enable' commands, which do not enforce proper checks on user permissions. An authenticated yet unauthorized user could exploit this vulnerability to modify Certificate Authorities (CAs), leading to potential denial of service issues. This could disrupt certificate issuance, affect OCSP signing, or even lead to the deletion of secret keys, posing significant risks to system integrity and availability.",Red Hat,Ipa,8.1,HIGH,0.0015899999998509884,false,,false,false,false,,,false,false,,2018-07-27T18:00:00.000Z,0