7.5

CVE-2016-7030

FreeIPA uses a default password policy that locks an account after 5 unsuccessful authentication attempts, which allows remote attackers to cause a denial of service by locking out the account in which system services run on.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreeipaFreeipa Version4.6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.7% 0.906
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2017-0001.html
http://www.openwall.com/lists/oss-security/2017/01/02/5
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/94934
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1370493
Third Party Advisory
Issue Tracking
https://pagure.io/freeipa?id=6f1d927467e7907fd1991f88388d96c67c9bff61
Third Party Advisory