CVE-2013-0199 in FreeIPAinfo

Summary

The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

12/06/2012

Disclosure

05/29/2014

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-264

CVSS

5.3

EPSS

0.00435

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2013-0199
NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-0199
CVE Details	https://www.cvedetails.com/cve/CVE-2013-0199/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!