CVE-2025-4404: Red Hat FreeIPA 安全漏洞

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2025-4404 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

Freeipa: idm: privilege escalation from host to domain admin in freeipa

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.

来源: 美国国家漏洞数据库 NVD

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

CWE-1220

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Red Hat FreeIPA 安全漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Red Hat FreeIPA是美国红帽（Red Hat）公司的一套集成的安全信息管理解决方案。该产品主要为Linux和Unix计算机网络提供身份管理、策略管理和审计管理（IPA）等功能。 Red Hat FreeIPA存在安全漏洞，该漏洞源于未验证krbCanonicalName唯一性，可能导致攻击者获取REALM管理员凭据并执行管理任务。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE
Red Hat	Red Hat Enterprise Linux 10	0:4.12.2-15.el10_0.1 ~ *	`cpe:/o:redhat:enterprise_linux:10.0`
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	0:4.6.8-5.el7_9.18 ~ *	`cpe:/o:redhat:rhel_els:7`
Red Hat	Red Hat Enterprise Linux 8	8100020250603150652.143e9e98 ~ *	`cpe:/a:redhat:enterprise_linux:8::appstream`
Red Hat	Red Hat Enterprise Linux 8	8100020250603134209.823393f5 ~ *	`cpe:/a:redhat:enterprise_linux:8::appstream`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	8020020250609031831.50ea30f9 ~ *	`cpe:/a:redhat:rhel_aus:8.2::appstream`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	8020020250609030144.792f4060 ~ *	`cpe:/a:redhat:rhel_aus:8.2::appstream`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	8040020250609101903.f153676a ~ *	`cpe:/a:redhat:rhel_aus:8.4::appstream`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	8040020250609095221.5b01ab7e ~ *	`cpe:/a:redhat:rhel_aus:8.4::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	8060020250606060927.c1533a64 ~ *	`cpe:/a:redhat:rhel_aus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	8060020250606060504.ada582f1 ~ *	`cpe:/a:redhat:rhel_aus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	8060020250606060927.c1533a64 ~ *	`cpe:/a:redhat:rhel_aus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	8060020250606060504.ada582f1 ~ *	`cpe:/a:redhat:rhel_aus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	8060020250606060927.c1533a64 ~ *	`cpe:/a:redhat:rhel_aus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	8060020250606060504.ada582f1 ~ *	`cpe:/a:redhat:rhel_aus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	8080020250604195510.e581a9e4 ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	8080020250604202433.b0a6ceea ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	8080020250604195510.e581a9e4 ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	8080020250604202433.b0a6ceea ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 9	0:4.12.2-14.el9_6.1 ~ *	`cpe:/a:redhat:enterprise_linux:9::crb`
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	0:4.9.8-11.el9_0.4 ~ *	`cpe:/a:redhat:rhel_e4s:9.0::appstream`
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	0:4.10.1-12.el9_2.4 ~ *	`cpe:/a:redhat:rhel_e4s:9.2::appstream`
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	0:4.11.0-15.el9_4.5 ~ *	`cpe:/a:redhat:rhel_eus:9.4::crb`
Red Hat	Red Hat Enterprise Linux 6	-	`cpe:/o:redhat:enterprise_linux:6`

二、漏洞 CVE-2025-4404 的公开POC

#	POC 描述	源链接	神龙链接
1	POC for CVE-2025-4404	https://github.com/Cyxow/CVE-2025-4404-POC	POC详情
2	POC for CVE-2025-4404	https://github.com/Im10n/CVE-2025-4404-POC	POC详情

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-4404 的情报信息

Please 登录 to view more intelligence information

https://access.redhat.com/security/cve/CVE-2025-4404vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2364606issue-trackingx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9189vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9186vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9192vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2025-4404

IV. Related Vulnerabilities

Same weakness: CWE-1220

V. Comments for CVE-2025-4404

暂无评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

一、漏洞 CVE-2025-4404 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2025-4404 的公开POC

三、漏洞 CVE-2025-4404 的情报信息

IV. Related Vulnerabilities

V. Comments for CVE-2025-4404

发表评论

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

一、 漏洞 CVE-2025-4404 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2025-4404 的公开POC

三、漏洞 CVE-2025-4404 的情报信息

IV. Related Vulnerabilities

V. Comments for CVE-2025-4404

发表评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

一、漏洞 CVE-2025-4404 基础信息