1. Home
  2. CVE Database
  3. CVE-2019-14867
HIGH · 8.8

CVE-2019-14867

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components ...

Vulnerability Description

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger parsing of the krb principal key could cause the IPA server to crash or in some conditions, cause arbitrary code to be executed on the server hosting the IPA server.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
FreeipaFreeipa>= 4.6.0, < 4.6.7
FedoraprojectFedora30

Related Weaknesses (CWE)

CWE-94CWE-400

References

FAQ

What is CVE-2019-14867?

CVE-2019-14867 is a vulnerability with a CVSS score of 8.8 (HIGH). A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components ...

How severe is CVE-2019-14867?

CVE-2019-14867 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-14867?

Check the references section above for vendor advisories and patch information. Affected products include: Freeipa Freeipa, Fedoraproject Fedora.