CVE-2016-7030
Description
FreeIPA uses a default password policy that locks an account after 5 unsuccessful authentication attempts, which allows remote attackers to cause a denial of service by locking out the account in which system services run on.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.175
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Bind-dyndb-ldap update (ELSA-2024-3044) bind-dyndb-ldap-11.6-4.module+el8.9.0+90094+20819f5a.x86_64.rpm | Linux |
| Custodia update (ELSA-2024-3044) custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Ipa-client update (ELSA-2024-3044) ipa-client-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.x86_64.rpm | Linux |
| Ipa-client update (ELSA-2024-3044) ipa-client-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.x86_64.rpm | Linux |
| Ipa-client-common update (ELSA-2024-3044) ipa-client-common-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Ipa-client-common update (ELSA-2024-3044) ipa-client-common-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.noarch.rpm | Linux |
| Ipa-client-epn update (ELSA-2024-3044) ipa-client-epn-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.x86_64.rpm | Linux |
| Ipa-client-epn update (ELSA-2024-3044) ipa-client-epn-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.x86_64.rpm | Linux |
| Ipa-client-samba update (ELSA-2024-3044) ipa-client-samba-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.x86_64.rpm | Linux |
| Ipa-client-samba update (ELSA-2024-3044) ipa-client-samba-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.x86_64.rpm | Linux |
| Ipa-common update (ELSA-2024-3044) ipa-common-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Ipa-common update (ELSA-2024-3044) ipa-common-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.noarch.rpm | Linux |
| Ipa-healthcheck update (ELSA-2024-3044) ipa-healthcheck-0.12-3.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Ipa-healthcheck-core update (ELSA-2024-3044) ipa-healthcheck-core-0.12-3.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Ipa-healthcheck-core update (ELSA-2024-3044) ipa-healthcheck-core-0.12-3.module+el8.9.0+90095+d672673c.noarch.rpm | Linux |
| Ipa-python-compat update (ELSA-2024-3044) ipa-python-compat-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Ipa-python-compat update (ELSA-2024-3044) ipa-python-compat-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.noarch.rpm | Linux |
| Ipa-selinux update (ELSA-2024-3044) ipa-selinux-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Ipa-selinux update (ELSA-2024-3044) ipa-selinux-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.noarch.rpm | Linux |
| Ipa-server update (ELSA-2024-3044) ipa-server-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.x86_64.rpm | Linux |
| Ipa-server-common update (ELSA-2024-3044) ipa-server-common-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Ipa-server-dns update (ELSA-2024-3044) ipa-server-dns-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Ipa-server-trust-ad update (ELSA-2024-3044) ipa-server-trust-ad-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.x86_64.rpm | Linux |
| Opendnssec update (ELSA-2024-3044) opendnssec-2.1.7-1.module+el8.9.0+90094+20819f5a.x86_64.rpm | Linux |
| Python3-custodia update (ELSA-2024-3044) python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Python3-ipaclient update (ELSA-2024-3044) python3-ipaclient-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Python3-ipaclient update (ELSA-2024-3044) python3-ipaclient-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.noarch.rpm | Linux |
| Python3-ipalib update (ELSA-2024-3044) python3-ipalib-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Python3-ipalib update (ELSA-2024-3044) python3-ipalib-4.9.13-8.0.1.module+el8.10.0+90332+38aded3e.noarch.rpm | Linux |
| Python3-ipaserver update (ELSA-2024-3044) python3-ipaserver-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Python3-ipatests update (ELSA-2024-3044) python3-ipatests-4.9.13-8.0.1.module+el8.10.0+90331+72067d32.noarch.rpm | Linux |
| Python3-jwcrypto update (ELSA-2024-3044) python3-jwcrypto-0.5.0-1.1.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Python3-jwcrypto update (ELSA-2024-3044) python3-jwcrypto-0.5.0-1.1.module+el8.9.0+90095+d672673c.noarch.rpm | Linux |
| Python3-kdcproxy update (ELSA-2024-3044) python3-kdcproxy-0.4-5.module+el8.9.0+90122+3305dc1d.noarch.rpm | Linux |
| Python3-pyusb update (ELSA-2024-3044) python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Python3-pyusb update (ELSA-2024-3044) python3-pyusb-1.0.0-9.1.module+el8.9.0+90095+d672673c.noarch.rpm | Linux |
| Python3-qrcode update (ELSA-2024-3044) python3-qrcode-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Python3-qrcode update (ELSA-2024-3044) python3-qrcode-5.1-12.module+el8.9.0+90095+d672673c.noarch.rpm | Linux |
| Python3-qrcode-core update (ELSA-2024-3044) python3-qrcode-core-5.1-12.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Python3-qrcode-core update (ELSA-2024-3044) python3-qrcode-core-5.1-12.module+el8.9.0+90095+d672673c.noarch.rpm | Linux |
| Python3-yubico update (ELSA-2024-3044) python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm | Linux |
| Python3-yubico update (ELSA-2024-3044) python3-yubico-1.3.2-9.1.module+el8.9.0+90095+d672673c.noarch.rpm | Linux |
| Slapi-nis update (ELSA-2024-3044) slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.x86_64.rpm | Linux |
| Softhsm update (ELSA-2024-3044) softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm | Linux |
| Softhsm-devel update (ELSA-2024-3044) softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234