A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/5xxx/CVE-2023-5455.json",
"cna_assigner": "redhat",
"cwe_ids": [
"CWE-352"
]
}{
"source": [
"CPE_RANGE",
"CPE_STRING"
],
"cpe": [
"cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*",
"cpe:2.3:a:freeipa:freeipa:4.11.0:-:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "4.6.10"
},
{
"introduced": "4.7.0"
},
{
"fixed": "4.9.14"
},
{
"introduced": "4.10.0"
},
{
"fixed": "4.10.3"
},
{
"introduced": "4.11.0-NA"
},
{
"last_affected": "4.11.0-NA"
}
]
}