CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
Low
EPSS
Percentile
36.5%
A vulnerability in FreeIPA’s centralized user identity management system is associated
with insufficient password hash calculation. Exploitation of the vulnerability could allow an attacker,
acting remotely, to escalate their privileges by brute-forcing possible values for a user’s password
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | ipa-server | < 4.10.3-7 | UNKNOWN |