vulnerability

Debian: CVE-2020-1722: freeipa -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:H/Au:N/C:N/I:N/A:C)	04/27/2020	07/30/2024	07/30/2024

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:N/A:C)

Published

04/27/2020

Added

07/30/2024

Modified

07/30/2024

Description

A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.

Solution

debian-upgrade-freeipa

References

CVE-2020-1722
https://attackerkb.com/topics/CVE-2020-1722

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today