Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freeipa freeipa vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-0336
The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directory server (dirsrv) in FreeIPA prior to 3.2.0 allows remote malicious users to cause a denial of service (crash) via a connection request without a username/dn, related to the 389 d...
Redhat Freeipa 3.1.4
Redhat Freeipa
Redhat Freeipa 3.1.2
Redhat Freeipa 3.1.3
Redhat Freeipa 3.0.0
Redhat Freeipa 3.0.1
Redhat Freeipa 3.0.2
Redhat Freeipa 3.1.1
5
CVSSv2
CVE-2013-0199
The default LDAP ACIs in FreeIPA 3.0 prior to 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote malicious users to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
Redhat Freeipa 3.0.0
Redhat Freeipa 3.0.1
Redhat Freeipa 3.0.2
Redhat Freeipa 3.1.1
7.9
CVSSv2
CVE-2012-5484
The client in FreeIPA 2.x and 3.x prior to 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle malicious users to spoof a join procedure via a crafted certificate.
Redhat Freeipa 2.0.0
Redhat Freeipa 2.1.0
Redhat Freeipa 2.0.1
Redhat Freeipa 2.2.1
Redhat Freeipa 2.1.4
Redhat Freeipa 2.1.3
Redhat Freeipa 2.1.1
Redhat Freeipa 3.1.1
Redhat Freeipa 3.0.2
Redhat Freeipa 3.0.1
Redhat Freeipa 3.0.0
6.8
CVSSv2
CVE-2011-3636
Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA prior to 2.1.4 allows remote malicious users to hijack the authentication of administrators for requests that make configuration changes.
Redhat Freeipa 1.2.2
Redhat Freeipa 1.1.0
Redhat Freeipa 2.1.0
Redhat Freeipa 2.0.0
Redhat Freeipa 2.1.1
Redhat Freeipa 1.2.1
Redhat Freeipa 1.0.0
Redhat Freeipa 1.9.0
Redhat Freeipa 0.99
Redhat Freeipa 2.0.1
Redhat Freeipa 0.99698641-20080218
Redhat Freeipa 0.99698-20080228
Redhat Freeipa 1.1.1
Redhat Freeipa
Redhat Freeipa 2.1.2
Redhat Freeipa 1.2.0
5
CVSSv2
CVE-2008-3274
The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA prior to 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote malicious users to obtain the Kerberos master key via an anonymous LDAP query.
Redhat Freeipa
Redhat Freeipa 0.99
Redhat Enterprise Ipa 1.0.0
Redhat Freeipa 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3