FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services.
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Link | Tags |
---|---|
https://bugzilla.redhat.com/attachment.cgi?id=1184610 | issue tracking |
https://bugzilla.redhat.com/show_bug.cgi?id=1360757 | issue tracking patch |