CNNVD-202509-4465 Information

CNNVD ID

CNNVD-202509-4465

CVE-2025-7493

  • CNNVD Published: 2025-09-30

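Description (translated from Chinese)

Red Hat FreeIPA is an integrated security information management solution from Red Hat, a US company. The product mainly provides identity management, policy management, and audit management (IPA) functions for Linux and Unix computer networks. Red Hat FreeIPA contains a security vulnerability caused by a failure to verify the uniqueness of the root@REALM canonical name, which may lead to privilege escalation and sensitive data disclosure.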

Description (English)

Red Hat FreeIPA is an integrated security information management solution from Red Hat. The product mainly provides identity, policy, and audit (IPA) management functions for Linux and Unix computer networks. Red Hat FreeIPA has a security vulnerability that stems from not validating the uniqueness of the root@REALM canonical name, which could lead to privilege escalation and the disclosure of sensitive data.

Hazard Level

Low

Vulnerability Type

Other

Affected Vendor

Red Hat

Published

2025-09-30

Last Modified

2026-02-24

References

  • https://bugzilla.redhat.com/show_bug.cgi?id=2389448
  • https://access.redhat.com/security/cve/CVE-2025-7493
  • https://access.redhat.com/errata/RHSA-2025:17086
  • https://access.redhat.com/errata/RHSA-2025:17087
  • https://access.redhat.com/errata/RHSA-2025:17088
  • https://access.redhat.com/errata/RHSA-2025:17084
  • https://access.redhat.com/errata/RHSA-2025:17085
  • https://access.redhat.com/errata/RHSA-2025:17129
  • https://vigilance.fr/vulnerability/FreeIPA-privilege-escalation-via-Kerberos-Attributes-Duplicates-48343
