CVE-2024-11029

Source
https://cve.org/CVERecord?id=CVE-2024-11029
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-11029.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-11029
Downstream
Related
Published
2025-01-15T13:15:08Z
Modified
2026-04-10T05:08:12.936038Z
Summary
[none]
Details

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.

References

Affected packages