SB2020020443 - Red Hat Enterprise Linux 7 update for ipa
Published: February 4, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2019-10195)
CWE-ID: CWE-532 - Information Exposure Through Log Files
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the way FreeIPA's batch is processing API logged operations that includes storing passwords in clear text on FreeIPA masters. A local user with access to system logs on FreeIPA masters can use this vulnerability to produce log file content with passwords exposed.
2) Input validation error (CVE-ID: CVE-2019-14867)
CWE-ID: CWE-20 - Improper input validation
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input within the ber_scanf() function when processing kerberos key data. A remote non-authenticated attacker with ability to trigger parsing of the krb principal key, can pass specially crafted krb principal key to the IPA server and crash it or execute arbitrary code on the target system.
Remediation
Install update from vendor's website.