Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2012-5484

The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.

  • Published: Jan 27, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-5484
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.9
  • AV:A/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
redhat / freeipa 2.1.0 2.1.0.x
redhat / freeipa 2.1.1 2.1.1.x
redhat / freeipa 2.1.3 2.1.3.x
redhat / freeipa 2.1.4 2.1.4.x
redhat / freeipa 2.0.1 2.0.1.x
redhat / freeipa 2.2.1 2.2.1.x
redhat / freeipa 2.0.0 2.0.0.x
redhat / freeipa 3.0.2 3.0.2.x
redhat / freeipa 3.1.1 3.1.1.x
redhat / freeipa 3.0.1 3.0.1.x
redhat / freeipa 3.0.0 3.0.0.x