Max CVSS 7.9 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-2590 5.5
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable,
09-10-2019 - 23:26 27-07-2018 - 18:29
CVE-2016-9575 6.5
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify p
09-10-2019 - 23:20 13-03-2018 - 13:29
CVE-2012-4546 4.3
The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation L
22-04-2019 - 17:48 03-04-2013 - 00:55
CVE-2012-6662 4.3
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not prope
14-07-2018 - 01:29 24-11-2014 - 16:59
CVE-2015-1827 5.0
The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user th
31-12-2016 - 02:59 30-03-2015 - 14:59
CVE-2012-5484 7.9
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
07-02-2013 - 05:01 27-01-2013 - 18:55
CVE-2011-3636 6.8
Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes.
05-03-2012 - 05:00 08-12-2011 - 11:55
Back to Top Mark selected
Back to Top