CVE-2024-11029 Information

Description

A flaw was found in the FreeIPA API audit where it sends the whole FreeIPA command line to journalctl. As a consequence during the FreeIPA installation process it inadvertently leaks the administrative user credentials including the administrator password to the journal database. In the worst-case scenario where the journal log is centralized users with access to it can have improper access to the FreeIPA administrator credentials.

Reference

https://access.redhat.com/errata/RHSA-2025:0334 https://access.redhat.com/security/cve/CVE-2024-11029 https://bugzilla.redhat.com/show_bug.cgi?id=2325557