CSRF Vulnerability in FreeIPA Management Interface Allows Authentication Hijacking

CSRF Vulnerability in FreeIPA Management Interface Allows Authentication Hijacking

CVE-2011-3636 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes.

Learn more about our Web Application Penetration Testing UK.