The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.
History
12 Feb 2023, 23:24
Type | Values Removed | Values Added |
---|---|---|
Summary | The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. | |
References | | |
02 Feb 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
References | | |
Summary | An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the 'retrieve certificate' permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack. |
Information
Published : 2016-09-07 20:59
Updated : 2023-12-10 11:46
NVD link : CVE-2016-5404
Mitre link : CVE-2016-5404
CVE.ORG link : CVE-2016-5404
Products Affected
fedoraproject
- fedora
oracle
- linux
freeipa
- freeipa
CWE
CWE-284
Improper Access Control