A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HFreeipa
APPFreeipa< 4.4.0Red Hat Enterprise Linux
OSRedhat7.0Red Hat Enterprise Linux Desktop
OSRedhat7.0Red Hat Enterprise Linux Server
OSRedhat7.0Red Hat Enterprise Linux Server Aus
OSRedhat7.37.4Red Hat Enterprise Linux Server Eus
OSRedhat7.37.47.5Red Hat Enterprise Linux Workstation
OSRedhat7.0
Powiązane podatności
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserReso...
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...