Vulnerabilities > Freeipa > Freeipa > 4.6.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-10 | CVE-2023-5455 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. | 6.5 |
| 2020-04-27 | CVE-2020-1722 | Resource Exhaustion vulnerability in multiple products A flaw was found in all ipa versions 4.x.x through 4.8.0. | 5.3 |
| 2019-09-17 | CVE-2019-14826 | Insufficient Session Expiration vulnerability in multiple products A flaw was found in FreeIPA versions 4.5.0 and later. | 2.1 |
| 2018-01-10 | CVE-2017-12169 | Information Exposure vulnerability in Freeipa It was found that FreeIPA 4.2.0 and later could disclose password hashes to users having the 'System: Read Stage Users' permission. | 4.0 |