| Max CVSS | 6.8 | Min CVSS | 5.4 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-1722 | 5.4 |
A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unr
|
12-02-2023 - 23:40 | 27-04-2020 - 21:15 | |
| CVE-2019-14867 | 6.8 |
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data.
|
05-02-2020 - 00:15 | 27-11-2019 - 09:15 | |
| CVE-2017-2590 | 5.5 |
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable,
|
09-10-2019 - 23:26 | 27-07-2018 - 18:29 | |
| CVE-2016-9575 | 6.5 |
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify p
|
09-10-2019 - 23:20 | 13-03-2018 - 13:29 |