vulnerability

Oracle Linux: CVE-2017-2590: ELSA-2017-0388: ipa security and bug fix update (MODERATE)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:P)
Published
Feb 27, 2017
Added
Mar 3, 2017
Modified
Dec 3, 2025

Description

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
It was found that IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.

Solutions

oracle-linux-upgrade-ipa-admintoolsoracle-linux-upgrade-ipa-clientoracle-linux-upgrade-ipa-client-commonoracle-linux-upgrade-ipa-commonoracle-linux-upgrade-ipa-python-compatoracle-linux-upgrade-ipa-serveroracle-linux-upgrade-ipa-server-commonoracle-linux-upgrade-ipa-server-dnsoracle-linux-upgrade-ipa-server-trust-adoracle-linux-upgrade-python2-ipaclientoracle-linux-upgrade-python2-ipaliboracle-linux-upgrade-python2-ipaserver

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today