CVE-2025-7493 : Freeipa: idm: privilege escalation from host to domain admin in freeipa

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2025-7493 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

Freeipa: idm: privilege escalation from host to domain admin in freeipa

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the krbCanonicalName. While the previously released version added validations for the admin@REALM credential, FreeIPA still does not validate the root@REALM canonical name, which can also be used as the realm administrator's name. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.

来源: 美国国家漏洞数据库 NVD

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

CWE-1220

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Red Hat FreeIPA 安全漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Red Hat FreeIPA是美国红帽（Red Hat）公司的一套集成的安全信息管理解决方案。该产品主要为Linux和Unix计算机网络提供身份管理、策略管理和审计管理（IPA）等功能。 Red Hat FreeIPA存在安全漏洞，该漏洞源于未验证root@REALM规范名称的唯一性，可能导致权限提升和敏感数据泄露。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE
Red Hat	Red Hat Enterprise Linux 10	0:4.12.2-15.el10_0.4 ~ *	`cpe:/o:redhat:enterprise_linux:10.0`
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	0:4.6.8-5.el7_9.23 ~ *	`cpe:/o:redhat:rhel_els:7`
Red Hat	Red Hat Enterprise Linux 8	8100020250919180242.143e9e98 ~ *	`cpe:/a:redhat:enterprise_linux:8::appstream`
Red Hat	Red Hat Enterprise Linux 8	8100020250918211722.823393f5 ~ *	`cpe:/a:redhat:enterprise_linux:8::appstream`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	8020020250924110056.50ea30f9 ~ *	`cpe:/a:redhat:rhel_aus:8.2::appstream`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	8020020250924104944.792f4060 ~ *	`cpe:/a:redhat:rhel_aus:8.2::appstream`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	8040020250923180004.f153676a ~ *	`cpe:/a:redhat:rhel_eus_long_life:8.4::appstream`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	8040020250923175408.5b01ab7e ~ *	`cpe:/a:redhat:rhel_eus_long_life:8.4::appstream`
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	8040020250923180004.f153676a ~ *	`cpe:/a:redhat:rhel_eus_long_life:8.4::appstream`
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	8040020250923175408.5b01ab7e ~ *	`cpe:/a:redhat:rhel_eus_long_life:8.4::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	8060020250916172436.c1533a64 ~ *	`cpe:/a:redhat:rhel_tus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	8060020250916174421.ada582f1 ~ *	`cpe:/a:redhat:rhel_tus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	8060020250916172436.c1533a64 ~ *	`cpe:/a:redhat:rhel_tus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	8060020250916174421.ada582f1 ~ *	`cpe:/a:redhat:rhel_tus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	8060020250916172436.c1533a64 ~ *	`cpe:/a:redhat:rhel_tus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	8060020250916174421.ada582f1 ~ *	`cpe:/a:redhat:rhel_tus:8.6::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	8080020250918184739.e581a9e4 ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	8080020250918152850.b0a6ceea ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	8080020250918184739.e581a9e4 ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	8080020250918152850.b0a6ceea ~ *	`cpe:/a:redhat:rhel_e4s:8.8::appstream`
Red Hat	Red Hat Enterprise Linux 9	0:4.12.2-14.el9_6.5 ~ *	`cpe:/a:redhat:enterprise_linux:9::crb`
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	0:4.9.8-11.el9_0.5 ~ *	`cpe:/a:redhat:rhel_e4s:9.0::appstream`
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	0:4.10.1-12.el9_2.6 ~ *	`cpe:/a:redhat:rhel_e4s:9.2::appstream`
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	0:4.11.0-15.el9_4.7 ~ *	`cpe:/a:redhat:rhel_eus:9.4::crb`
Red Hat	Red Hat Enterprise Linux 6	-	`cpe:/o:redhat:enterprise_linux:6`

二、漏洞 CVE-2025-7493 的公开POC

#	POC 描述	源链接	神龙链接

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2025-7493 的情报信息

Please 登录 to view more intelligence information

https://access.redhat.com/security/cve/CVE-2025-7493vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2389448issue-trackingx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17645vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17646vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17086vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17085vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17647vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17088vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17648vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17129vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17087vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17649vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:17084vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2025-7493

四、漏洞 CVE-2025-7493 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2025-7493 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2025-7493 的公开POC

三、漏洞 CVE-2025-7493 的情报信息

四、漏洞 CVE-2025-7493 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2025-7493 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2025-7493 的公开POC

三、漏洞 CVE-2025-7493 的情报信息

四、漏洞 CVE-2025-7493 的评论

发表评论

一、漏洞 CVE-2025-7493 基础信息