Latest version: v4.12.2
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2019-14867 | 60509 |
Freeipa 4.6.7, 4.7.4 and 4.8.3 include a fix for CVE-2019-14867: A fl… |
|
HIGH | 8.8 |
| CVE-2019-10195 | 54130 |
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x v… |
|
MEDIUM | 6.5 |
| CVE-2014-7828 | 70472 |
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enable… |
|
LOW | 3.5 |
| CVE-2016-7030 | 70515 |
FreeIPA uses a default password policy that locks an account after 5 … |
|
HIGH | 7.5 |
| CVE-2019-14826 | 70519 |
A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies… |
|
MEDIUM | 4.4 |
| CVE-2015-5179 | 70468 |
FreeIPA might display user data improperly via vectors involving non-… |
|
HIGH | 7.5 |
| CVE-2016-9575 | 70517 |
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not… |
|
MEDIUM | 6.3 |
| CVE-2017-2590 | 67438 |
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable… |
|
HIGH | 8.1 |
| CVE-2016-5414 | 70513 |
FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN nam… |
|
HIGH | 7.5 |
| CVE-2016-5404 | 70533 |
The cert_revoke command in FreeIPA does not check for the "revoke cer… |
|
MEDIUM | 6.5 |
| CVE-2015-5284 | 70466 |
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate… |
|
CRITICAL | 9.8 |
| CVE-2017-12169 | 67437 |
It was found that FreeIPA 4.2.0 and later could disclose password has… |
|
HIGH | 7.5 |
| CVE-2015-1827 | 70761 |
The get_user_grouplist function in the extdom plug-in in FreeIPA befo… |
|
MEDIUM | 5.0 |
| CVE-2014-7850 | 70470 |
Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x… |
|
MEDIUM | 4.3 |
| CVE-2020-1722 | 70580 |
A flaw was found in all ipa versions 4.x.x through 4.8.0. When sendin… |
|
MEDIUM | 5.3 |
| CVE-2012-5631 | 67961 |
ipa 3.0 does not properly check server identity before sending creden… |
|
HIGH | 8.8 |
| PVE-2023-99978 | 60823 |
The software FreeIPA shows public visibility of DNS records from vers… |
|
- | - |
| PVE-2023-99971 | 60868 |
FreeIPA versions 1.3.0b0 to 4.8.0rc1, which employ Samba to integrate… |
|
- | - |
| CVE-2008-3274 | 61328 |
The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA… |
|
MEDIUM | 5.0 |