A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2018-07-27T18:00:00

Updated: 2024-08-05T14:02:06.518Z

Reserved: 2016-12-01T00:00:00

Link: CVE-2017-2590

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-27T18:29:00.627

Modified: 2024-11-21T03:23:47.170

Link: CVE-2017-2590

cve-icon Redhat

Severity : Moderate

Publid Date: 2017-02-27T00:00:00Z

Links: CVE-2017-2590 - Bugzilla