FreeIPA uses a default password policy that locks an account after 5 unsuccessful authentication attempts, which allows remote attackers to cause a denial of service by locking out the account in which system services run on.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Freeipa | Freeipa | 4.6.0 (including) | 4.6.0 (including) |