CVE-2017-2590 Information

Description

A vulnerability was found in ipa before 4.4. IdM’s ca-del, ca-disable and ca-enable commands did not properly check the user’s permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable or enable CAs, causing various denial of service problems with certificate issuance, OCSP signing and deletion of secret keys.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Reference

http://rhn.redhat.com/errata/RHSA-2017-0388.html
http://www.securityfocus.com/bid/96557
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2590

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

8.1

Base Severity

HIGH
