The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Freeipa | Redhat | 2.0.0 (including) | 2.0.0 (including) |
Freeipa | Redhat | 2.0.1 (including) | 2.0.1 (including) |
Freeipa | Redhat | 2.1.0 (including) | 2.1.0 (including) |
Freeipa | Redhat | 2.1.1 (including) | 2.1.1 (including) |
Freeipa | Redhat | 2.1.3 (including) | 2.1.3 (including) |
Freeipa | Redhat | 2.1.4 (including) | 2.1.4 (including) |
Freeipa | Redhat | 2.2.1 (including) | 2.2.1 (including) |