Candidate: CVE-2016-7030
PublicDate: 2017-08-28 15:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7030
 https://bugzilla.redhat.com/show_bug.cgi?id=1370493
 https://bugzilla.redhat.com/show_bug.cgi?id=1404910 (regression bug)
Description:
 FreeIPA uses a default password policy that locks an account after 5
 unsuccessful authentication attempts, which allows remote attackers to
 cause a denial of service by locking out the account in which system
 services run on.
Ubuntu-Description:
 It was discovered that FreeIPA incorrectly handled authentication
 attempts. An attacker could possibly use this issue to cause a denial of
 service.
Notes:
Bugs:
Priority: medium
Discovered-by: Petr Spacek
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_freeipa:
 upstream: https://pagure.io/freeipa/c/08e7af9f0f8acac3dcd8dde1eee53261e5d25f1f?branch=ipa-4-4
 upstream: https://pagure.io/freeipa/c/171bc3e6853f905184584e414cefa4f7296c02ea?branch=ipa-4-4 (testcases)
 upstream: https://pagure.io/freeipa/c/84f6df6349b5c412467746777e905d9e4f8792ca?branch=ipa-4-4 (regression fix)
 upstream: https://pagure.io/freeipa/c/f0f48ec14f3ff55852393927533ffd253cb5a04b?branch=ipa-4-4 (tests)
 upstream: https://pagure.io/freeipa/c/e02323c1c3b3c3dadd57d9f1885ec1af046718de?branch=ipa-4-4 (tests)
upstream_freeipa: released (4.4.4-1)
precise_freeipa: ignored (reached end-of-life)
precise/esm_freeipa: DNE (precise was needs-triage)
trusty_freeipa: ignored (out of standard support)
trusty/esm_freeipa: needed
vivid/stable-phone-overlay_freeipa: DNE
vivid/ubuntu-core_freeipa: DNE
xenial_freeipa: ignored (end of standard support, was needed)
yakkety_freeipa: ignored (reached end-of-life)
zesty_freeipa: ignored (reached end-of-life)
artful_freeipa: ignored (reached end-of-life)
bionic_freeipa: not-affected (4.4.4-1)
cosmic_freeipa: not-affected (4.4.4-1)
disco_freeipa: not-affected (4.4.4-1)
eoan_freeipa: not-affected (4.4.4-1)
focal_freeipa: not-affected (4.4.4-1)
groovy_freeipa: not-affected (4.4.4-1)
hirsute_freeipa: not-affected (4.4.4-1)
impish_freeipa: not-affected (4.4.4-1)
jammy_freeipa: not-affected (4.4.4-1)
devel_freeipa: not-affected (4.4.4-1)