CVE-2017-2590

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
freeipafreeipa
𝑥
< 4.4.0
redhatenterprise_linux
7.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
7.3
redhatenterprise_linux_server_aus
7.4
redhatenterprise_linux_server_eus
7.3
redhatenterprise_linux_server_eus
7.4
redhatenterprise_linux_server_eus
7.5
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
freeipa
bookworm
4.9.11-1
fixed
sid
4.11.1-2.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
freeipa
artful
ignored
bionic
not-affected
cosmic
not-affected
precise
ignored
trusty
not-affected
xenial
not-affected
yakkety
ignored
zesty
ignored
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
ipa-admintools
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-client
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-client-common
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-common
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-python-compat
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-server
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-server-common
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-server-dns
RHEL 7
0:4.4.0-14.el7_3.6
fixed
ipa-server-trust-ad
RHEL 7
0:4.4.0-14.el7_3.6
fixed
python2-ipaclient
RHEL 7
0:4.4.0-14.el7_3.6
fixed
python2-ipalib
RHEL 7
0:4.4.0-14.el7_3.6
fixed
python2-ipaserver
RHEL 7
0:4.4.0-14.el7_3.6
fixed
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2017-0388.html
http://www.securityfocus.com/bid/96557
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2590
http://rhn.redhat.com/errata/RHSA-2017-0388.html
http://www.securityfocus.com/bid/96557
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2590