Default Password Policy in FreeIPA Allows Remote Account Lockout Denial of Service
CVE-2016-7030 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
FreeIPA uses a default password policy that locks an account after 5 unsuccessful authentication attempts, which allows remote attackers to cause a denial of service by locking out the account in which system services run on.
Learn more about our Web Application Penetration Testing UK.