CVE Vulnerabilities

CVE-2013-0199

Published: May 29, 2014 | Modified: Apr 12, 2025
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 5 MEDIUM (AV:N/AC:L/Au:N/C:P/I:N/A:N)
RedHat/V2: 4.8 MODERATE (AV:A/AC:L/Au:N/C:P/I:P/A:N)
RedHat/V3:
Ubuntu: MEDIUM

The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allows remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Freeipa Redhat 3.0.0 (including) 3.0.0 (including)
Freeipa Redhat 3.0.1 (including) 3.0.1 (including)
Freeipa Redhat 3.0.2 (including) 3.0.2 (including)
Freeipa Redhat 3.1.1 (including) 3.1.1 (including)
Freeipa Ubuntu upstream *

References