CVE-2011-3636
FreeIPA < 2.1.4 - Cross-Site Request Forgery in Management Interface
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
http://freeipa.org/page/IPAv2_214
Scores
EPSS
0.0084
EPSS Percentile
53.5%
Details
CWE
CWE-352
Status
published
Products (16)
redhat/freeipa
0.99
redhat/freeipa
0.99698-20080228
redhat/freeipa
0.99698641-20080218
redhat/freeipa
1.0.0 (3 CPE variants)
redhat/freeipa
1.1.0
redhat/freeipa
1.1.1
redhat/freeipa
1.2.0
redhat/freeipa
1.2.1
redhat/freeipa
1.2.2
redhat/freeipa
1.9.0 pre1 (5 CPE variants)
... and 6 more
Published
Dec 08, 2011
Tracked Since
Feb 18, 2026