A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2018-07-27T18:00:00
Updated: 2024-08-05T14:02:06.518Z
Reserved: 2016-12-01T00:00:00
Link: CVE-2017-2590
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-07-27T18:29:00.627
Modified: 2024-11-21T03:23:47.170
Link: CVE-2017-2590
Redhat