Описание
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 4.0.5-1 |
| bionic | not-affected | 4.0.5-1 |
| cosmic | not-affected | 4.0.5-1 |
| devel | not-affected | 4.0.5-1 |
| esm-apps/bionic | not-affected | 4.0.5-1 |
| esm-apps/xenial | not-affected | 4.0.5-1 |
| esm-infra-legacy/trusty | not-affected | |
| lucid | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
Показывать по
3.5 Low
CVSS2
Связанные уязвимости
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind.
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind.
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled ...
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind.
3.5 Low
CVSS2