Описание
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.1.2-0ubuntu1 |
| esm-apps/xenial | not-affected | 3.1.2-0ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 3.1.2-0ubuntu1 |
| hardy | DNE | |
| lucid | DNE | |
| oneiric | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | not-affected | 3.1.2-0ubuntu1 |
Показывать по
7.9 High
CVSS2
Связанные уязвимости
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
7.9 High
CVSS2