Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-2590

Опубликовано: 27 июл. 2018
Источник: ubuntu
Приоритет: medium
CVSS2: 5.5
CVSS3: 8.1

Описание

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

4.7.0~pre1+git20180411-2ubuntu2
cosmic

not-affected

4.7.0~pre1+git20180411-2ubuntu2
devel

not-affected

4.7.0~pre1+git20180411-2ubuntu2
esm-apps/bionic

not-affected

4.7.0~pre1+git20180411-2ubuntu2
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
precise

ignored

end of life
precise/esm

DNE

precise was needs-triage
trusty

not-affected

code not present

Показывать по

Ссылки на источники

5.5 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-2590

CVSS3: 8.1
redhat
больше 8 лет назад

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.

nvd логотип

CVE-2017-2590

CVSS3: 8.1
nvd
больше 7 лет назад

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.

debian логотип

CVE-2017-2590

CVSS3: 8.1
debian
больше 7 лет назад

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, ...

github логотип

GHSA-7gp5-3wrx-x8j6

CVSS3: 8.1
github
больше 3 лет назад

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.

oracle-oval логотип

ELSA-2017-0388

oracle-oval
больше 8 лет назад

ELSA-2017-0388: ipa security and bug fix update (MODERATE)

5.5 Medium

CVSS2

8.1 High

CVSS3