CVE-2016-5404 in FreeIPAالمعلومات

الملخص

بحسب MITRE

The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

10/06/2016

إفشاء

07/09/2016

الاعتدال

تمت الموافقة

إدخال

VDB-91353

CPE

جاهز

CWE

CWE-284 (مؤكد)

CVSS

6.5 (NVD)

EPSS

0.00467

KEV

لا

النشاطات

منخفض جدًا

القطاع

Insurance, Energy, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5404
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5404
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5404/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!