CVE-2016-9575 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-9575 Interim 1 5 2024-06-12T01:17:35Z current 2021-05-30T13:47:58Z 2024-06-12T01:17:35Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-9575 Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary naming or key usage information and subsequently use such certificates for other attacks. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 7 ipa-admintools-4.4.0-14.el7_3.1.1 ipa-client-4.4.0-14.el7_3.1.1 ipa-client-common-4.4.0-14.el7_3.1.1 ipa-common-4.4.0-14.el7_3.1.1 ipa-python-compat-4.4.0-14.el7_3.1.1 ipa-server-4.4.0-14.el7_3.1.1 ipa-server-common-4.4.0-14.el7_3.1.1 ipa-server-dns-4.4.0-14.el7_3.1.1 ipa-server-trust-ad-4.4.0-14.el7_3.1.1 python2-ipaclient-4.4.0-14.el7_3.1.1 python2-ipalib-4.4.0-14.el7_3.1.1 python2-ipaserver-4.4.0-14.el7_3.1.1 ipa-admintools-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-client-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-client-common-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-common-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-python-compat-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-server-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-server-common-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-server-dns-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 ipa-server-trust-ad-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 python2-ipaclient-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 python2-ipalib-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 python2-ipaserver-4.4.0-14.el7_3.1.1 as a component of SUSE Liberty Linux 7 Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary naming or key usage information and subsequently use such certificates for other attacks. CVE-2016-9575 SUSE Liberty Linux 7:ipa-admintools-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-client-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-client-common-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-common-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-python-compat-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-server-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-server-common-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-server-dns-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:ipa-server-trust-ad-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:python2-ipaclient-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:python2-ipalib-4.4.0-14.el7_3.1.1 SUSE Liberty Linux 7:python2-ipaserver-4.4.0-14.el7_3.1.1 moderate 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L