Vulnerability in IPA before 4.4: Unauthorized CA Modification Leading to Denial of Service

Vulnerability in IPA before 4.4: Unauthorized CA Modification Leading to Denial of Service

CVE-2017-2590 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.

Learn more about our User Device Pen Test.