vulnerability
Alma Linux: CVE-2024-11029: Moderate: ipa security update (ALSA-2025-0334)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:C/I:N/A:N) | Jan 15, 2025 | Jan 20, 2025 | Aug 11, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:N)
Published
Jan 15, 2025
Added
Jan 20, 2025
Modified
Aug 11, 2025
Description
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.
Solutions
alma-upgrade-ipa-clientalma-upgrade-ipa-client-commonalma-upgrade-ipa-client-epnalma-upgrade-ipa-client-sambaalma-upgrade-ipa-commonalma-upgrade-ipa-selinuxalma-upgrade-ipa-selinux-lunaalma-upgrade-ipa-selinux-nfastalma-upgrade-ipa-serveralma-upgrade-ipa-server-commonalma-upgrade-ipa-server-dnsalma-upgrade-ipa-server-trust-adalma-upgrade-python3-ipaclientalma-upgrade-python3-ipalibalma-upgrade-python3-ipaserveralma-upgrade-python3-ipatests
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.