CVE-2024-11029 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation proces…
Medium CVSS: 5.5

CVE-2024-11029

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.
Vendor
-
Product
-
CWE
CWE-497
Yayın Tarihi
2025-01-15 13:15:08
Güncelleme
2025-01-15 14:15:27
Source Identifier
secalert@redhat.com
KEV Date Added
-

Kategoriler

CWE-497 MEDIUM 2025

Referanslar

https://access.redhat.com/errata/RHSA-2025:0334 https://access.redhat.com/security/cve/CVE-2024-11029 https://bugzilla.redhat.com/show_bug.cgi?id=2325557