Critical severity9.8NVD Advisory· Published Sep 21, 2017· Updated May 13, 2026
CVE-2015-5284
CVE-2015-5284
Description
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- bugzilla.redhat.com/attachment.cginvdIssue TrackingMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- pagure.io/freeipa/issue/5347nvdThird Party Advisory
- www.redhat.com/archives/freeipa-interest/2015-October/msg00000.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.