The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIncoming and (2) ipaNTTrustAuthOutgoing attributes, which allow remote attackers to obtain the Cross-Realm Kerberos Trust key via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2014-05-29 07:19
Updated : 2017-08-28 18:33
NVD link : CVE-2013-0199
Mitre link : CVE-2013-0199
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
redhat
- freeipa