Permission Flaw in Dogtag Certificate Management by Red Hat
CVE-2017-2590

8.1HIGH

Key Information:

Vendor
Red Hat
Status
Ipa
Vendor
CVE Published:
27 July 2018

Summary

A permissions flaw exists in the Dogtag component of Red Hat's Identity Management (IdM). This vulnerability affects the 'ca-del', 'ca-disable', and 'ca-enable' commands, which do not enforce proper checks on user permissions. An authenticated yet unauthorized user could exploit this vulnerability to modify Certificate Authorities (CAs), leading to potential denial of service issues. This could disrupt certificate issuance, affect OCSP signing, or even lead to the deletion of secret keys, posing significant risks to system integrity and availability.

Affected Version(s)

ipa 4.4

References

http://www.securityfocus.com/bid/96557
vdb-entryx_refsource_BID
http://rhn.redhat.com/errata/RHSA-2017-0388.html
vendor-advisoryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2590
x_refsource_CONFIRM

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.