(RHSA-2021:2026) Important: ipa security update

2021-05-1907:06:17

access.redhat.com

red hat identity management

centralized authentication

authorization

slapi-nis vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

50.0%

JSON

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanyppc64leipa-idoverride-memberof-plugin< 0.0.4-6.module+el8.1.0+4098+f286395eipa-idoverride-memberof-plugin-0.0.4-6.module+el8.1.0+4098+f286395e.ppc64le.rpm
RedHatanys390xipa-debuginfo< 4.8.4-11.module+el8.2.0+10290+4658f31cipa-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.s390x.rpm
RedHatanynoarchipa-python-compat< 4.8.4-11.module+el8.2.0+10290+4658f31cipa-python-compat-4.8.4-11.module+el8.2.0+10290+4658f31c.noarch.rpm
RedHatanynoarchipa-healthcheck< 0.4-4.module+el8.2.0+5489+95477d9fipa-healthcheck-0.4-4.module+el8.2.0+5489+95477d9f.noarch.rpm
RedHatanyppc64lebind-dyndb-ldap< 11.2-3.module+el8.2.0+4921+923e30d5bind-dyndb-ldap-11.2-3.module+el8.2.0+4921+923e30d5.ppc64le.rpm
RedHatanynoarchpython3-kdcproxy< 0.4-5.module+el8.2.0+4691+a05b2456python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm
RedHatanys390xipa-server-debuginfo< 4.8.4-11.module+el8.2.0+10290+4658f31cipa-server-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.s390x.rpm
RedHatanyx86_64opendnssec-debuginfo< 1.4.14-1.module+el8.1.0+4098+f286395eopendnssec-debuginfo-1.4.14-1.module+el8.1.0+4098+f286395e.x86_64.rpm
RedHatanyx86_64ipa-debuginfo< 4.8.4-11.module+el8.2.0+10290+4658f31cipa-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.x86_64.rpm
RedHatanyaarch64ipa-server-debuginfo< 4.8.4-11.module+el8.2.0+10290+4658f31cipa-server-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ppc64le	ipa-idoverride-memberof-plugin	< 0.0.4-6.module+el8.1.0+4098+f286395e	ipa-idoverride-memberof-plugin-0.0.4-6.module+el8.1.0+4098+f286395e.ppc64le.rpm
RedHat	any	s390x	ipa-debuginfo	< 4.8.4-11.module+el8.2.0+10290+4658f31c	ipa-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.s390x.rpm
RedHat	any	noarch	ipa-python-compat	< 4.8.4-11.module+el8.2.0+10290+4658f31c	ipa-python-compat-4.8.4-11.module+el8.2.0+10290+4658f31c.noarch.rpm
RedHat	any	noarch	ipa-healthcheck	< 0.4-4.module+el8.2.0+5489+95477d9f	ipa-healthcheck-0.4-4.module+el8.2.0+5489+95477d9f.noarch.rpm
RedHat	any	ppc64le	bind-dyndb-ldap	< 11.2-3.module+el8.2.0+4921+923e30d5	bind-dyndb-ldap-11.2-3.module+el8.2.0+4921+923e30d5.ppc64le.rpm
RedHat	any	noarch	python3-kdcproxy	< 0.4-5.module+el8.2.0+4691+a05b2456	python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm
RedHat	any	s390x	ipa-server-debuginfo	< 4.8.4-11.module+el8.2.0+10290+4658f31c	ipa-server-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.s390x.rpm
RedHat	any	x86_64	opendnssec-debuginfo	< 1.4.14-1.module+el8.1.0+4098+f286395e	opendnssec-debuginfo-1.4.14-1.module+el8.1.0+4098+f286395e.x86_64.rpm
RedHat	any	x86_64	ipa-debuginfo	< 4.8.4-11.module+el8.2.0+10290+4658f31c	ipa-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.x86_64.rpm
RedHat	any	aarch64	ipa-server-debuginfo	< 4.8.4-11.module+el8.2.0+10290+4658f31c	ipa-server-debuginfo-4.8.4-11.module+el8.2.0+10290+4658f31c.aarch64.rpm