Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freeipa freeipa 4.0.0 vulnerabilities and exploits
(subscribe to this query)
481
VMScore
CVE-2020-1722
A flaw was found in all ipa versions 4.x.x up to and including 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The ...
Freeipa Freeipa
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
578
VMScore
CVE-2017-11191
FreeIPA 4.x with API version 2.213 allows a remote authenticated users to bypass intended account-locking restrictions via an unlock action with an old session ID (for the same user account) that had been created for an earlier session. NOTE: Vendor states that issue does not exi...
Freeipa Freeipa 4.0.5
Freeipa Freeipa 4.1.1
Freeipa Freeipa 4.0.2
Freeipa Freeipa 4.6.0
Freeipa Freeipa 4.4.0
Freeipa Freeipa 4.0.0
Freeipa Freeipa 4.0.3
Freeipa Freeipa 4.1.0
Freeipa Freeipa 4.0.1
Freeipa Freeipa 4.0.4
Freeipa Freeipa 4.6.1
Freeipa Freeipa 4.5.0
Freeipa Freeipa 4.5.1
Freeipa Freeipa 4.5.2
Freeipa Freeipa 4.5.3
Freeipa Freeipa 4.4.1
Freeipa Freeipa 4.4.2
Freeipa Freeipa 4.4.3
Freeipa Freeipa 4.4.4
Freeipa Freeipa 4.3.3
Freeipa Freeipa 4.3.0
Freeipa Freeipa 4.3.1
383
VMScore
CVE-2014-7850
Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x prior to 4.1.2 allows remote malicious users to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.
Freeipa Freeipa 4.0.3
Freeipa Freeipa 4.0.2
Freeipa Freeipa 4.0.1
Freeipa Freeipa 4.0.0
Freeipa Freeipa 4.1.0
Freeipa Freeipa 4.0.4
Freeipa Freeipa 4.1.1
Freeipa Freeipa 4.0.5
312
VMScore
CVE-2014-7828
FreeIPA 4.0.x prior to 4.0.5 and 4.1.x prior to 4.1.1, when 2FA is enabled, allows remote malicious users to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind.
Freeipa Freeipa 4.0.0
Freeipa Freeipa 4.0.1
Freeipa Freeipa 4.0.2
Freeipa Freeipa 4.0.3
Freeipa Freeipa 4.0.4
Freeipa Freeipa 4.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started