VYPR
Critical severity9.8NVD Advisory· Published Sep 21, 2017· Updated Jun 17, 2026

CVE-2015-5284

CVE-2015-5284

Description

ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem, which is world readable.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Freeipa/Freeipa2 versions
    cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*range: <=4.2.1
    • (no CPE)range: <4.2.2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.