← voltar
CVE-2013-0199

CVE-2013-0199

EPSS 2.1%
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://osvdb.org/89539https://exchange.xforce.ibmcloud.com/vulnerabilities/81486http://www.freeipa.org/page/CVE-2013-0199http://www.freeipa.org/page/Releases/3.1.2http://www.securityfocus.com/bid/57542