← volver
CVE-2013-0199

CVE-2013-0199

EPSS 2.1%
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://osvdb.org/89539https://exchange.xforce.ibmcloud.com/vulnerabilities/81486http://www.freeipa.org/page/CVE-2013-0199http://www.freeipa.org/page/Releases/3.1.2http://www.securityfocus.com/bid/57542