Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-2590

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.

Published

2018-07-27T18:29:00.627

Last Modified

2024-11-21T03:23:47.170

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 8.1 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:N/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.0

Impact Score

4.9

Weaknesses
  • Type: Secondary
    CWE-732
  • Type: Primary
    CWE-275
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application freeipa freeipa < 4.4.0 Yes
Operating System redhat enterprise_linux 7.0 Yes
Operating System redhat enterprise_linux_desktop 7.0 Yes
Operating System redhat enterprise_linux_server 7.0 Yes
Operating System redhat enterprise_linux_server_aus 7.3 Yes
Operating System redhat enterprise_linux_server_aus 7.4 Yes
Operating System redhat enterprise_linux_server_eus 7.3 Yes
Operating System redhat enterprise_linux_server_eus 7.4 Yes
Operating System redhat enterprise_linux_server_eus 7.5 Yes
Operating System redhat enterprise_linux_workstation 7.0 Yes
References