CVE-2019-14826

CVSS 5.6 MEDIUMEPSS 0.3%CWE-613

A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

Productos afectados

Red Hat · ipa

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14826