Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-2698
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Freeipa: delegation rules allow a proxy service to impersonate any user to access another target service
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate() function: If the target service argument is NULL, then it means the KDC is probing for general constrained delegation rules and not checking a specific S4U2Proxy request. In FreeIPA 4.11.0, the behavior of ipadb_match_acl() was modified to match the changes from upstream MIT Kerberos 1.20. However, a mistake resulting in this mechanism applies in cases where the target service argument is set AND where it is unset. This results in S4U2Proxy requests being accepted regardless of whether or not there is a matching service delegation rule.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat FreeIPA 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat FreeIPA是一个综合安全信息管理解决方案。 FreeIPA 4.11.0版本存在安全漏洞,该漏洞源于缺少授予,导致无论是否符合规则的请求都会被接受。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Red HatRed Hat Enterprise Linux 8 8100020240528133707.823393f5 ~ * cpe:/a:redhat:enterprise_linux:8::appstream
Red HatRed Hat Enterprise Linux 8.8 Extended Update Support 8080020240530051744.b0a6ceea ~ * cpe:/a:redhat:rhel_eus:8.8::appstream
Red HatRed Hat Enterprise Linux 9 0:4.11.0-15.el9_4 ~ * cpe:/a:redhat:enterprise_linux:9::appstream
Red HatRed Hat Enterprise Linux 9.2 Extended Update Support 0:4.10.1-12.el9_2.2 ~ * cpe:/a:redhat:rhel_eus:9.2::crb
Red HatRed Hat Enterprise Linux 6-cpe:/o:redhat:enterprise_linux:6
Red HatRed Hat Enterprise Linux 7-cpe:/o:redhat:enterprise_linux:7
Red HatRed Hat Enterprise Linux 8-cpe:/o:redhat:enterprise_linux:8
II. Public POCs for CVE-2024-2698
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2024-2698
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same weakness: CWE-863
V. Comments for CVE-2024-2698

No comments yet

Leave a comment