CVE-2019-10195

Priority
Description
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x
versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that
FreeIPA's batch processing API logged operations. This included passing
user passwords in clear text on FreeIPA masters. Batch processing of
commands with passwords as arguments or options is not performed by default
in FreeIPA but is possible by third-party components. An attacker having
access to system logs on FreeIPA masters could use this flaw to produce log
file content with passwords exposed.
Notes
Package
Upstream:released (4.8.3-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 19.04 (Disco Dingo):ignored (reached end-of-life)
Ubuntu 19.10 (Eoan Ermine):needed
Ubuntu 20.04 (Focal Fossa):DNE
Patches:
Upstream:https://pagure.io/freeipa/c/02ce407f5e10e670d4788778037892b58f80adc0
More Information

Updated: 2020-01-23 20:43:42 UTC (commit b4629892d998f2ede31f59bb7508dc50a92ac664)