{"uuid": "ac215344-bbbc-4418-a6a5-3febfd53739d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2414", "type": "seen", "source": "https://t.me/ptswarm/146", "content": "\ud83d\udc33 FreeIPA fixed XXE (CVE-2022-2414) found by our researcher @elk0kc.\n\nIn some cases, it allows attackers to read the Directory Manager password  from configs of FreeIPA and take full control of the infrastructure. May or may not require auth.\n\nAdvisory: https://access.redhat.com/security/cve/CVE-2022-2414", "creation_timestamp": "2022-08-31T13:04:24.000000Z"}