CVE-2008-3274 in FreeIPAinfo

Summary

The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

07/24/2008

Disclosure

09/12/2008

Moderation

VulDB entry created

Entries

1: VDB-44018

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.3

EPSS

0.00721

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-3274
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3274
CVE Details	https://www.cvedetails.com/cve/CVE-2008-3274/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!