FreeIPA fixed XXE (CVE-2022-2414) found by our researcher @elk | PT SWARM

FreeIPA fixed XXE (CVE-2022-2414) found by our researcher @elk0kc.

In some cases, it allows attackers to read the Directory Manager password from configs of FreeIPA and take full control of the infrastructure. May or may not require auth.

Advisory: https://access.redhat.com/security/cve/CVE-2022-2414

PT SWARM

🎅 2.98K
Technologies

Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...

Join
▲ Vote (1)

FreeIPA fixed XXE (CVE-2022-2414) found by our researcher @elk | PT SWARM

Login