Description
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
References (11)
Scores
CVSS v3
7.5
EPSS
0.0005
EPSS Percentile
14.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-305
Status
published
Products (14)
Red Hat/Red Hat Certificate System 10.4 EUS for RHEL-8
8060020240529205458.07fb4edf
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
0:10.5.18-32.el7_9
Red Hat/Red Hat Enterprise Linux 8
8100020240614102443.82f485b7
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
8040020240329193548.17df0a3f
Red Hat/Red Hat Enterprise Linux 8.4 Telecommunications Update Service
8040020240329193548.17df0a3f
Red Hat/Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
8040020240329193548.17df0a3f
Red Hat/Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
8060020240329182634.60523a7b
Red Hat/Red Hat Enterprise Linux 8.6 Telecommunications Update Service
8060020240329182634.60523a7b
Red Hat/Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
8060020240329182634.60523a7b
... and 4 more
Published
Jun 11, 2024
Tracked Since
Feb 18, 2026