PT-2025-1618 · Freeipa+4

Published 2025-01-15 · Updated 2025-01-27 · CVE-2024-11029

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

FreeIPA (affected versions not specified)

Description

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

ALSA-2025:0334
ALT-PU-2025-1448
ALT-PU-2025-1456
ALT-PU-2025-1651
BDU:2026-06677
CVE-2024-11029
INFSA-2025_0334
RHSA-2025:0334
RHSA-2025_0334

Affected Products

ALT Linux
AlmaLinux
Debian
FreeIPA
Red Hat