CVE-2021-3469
CVE-2021-3469 affects Foreman prior to 2.3.4 and prior to 2.4.0, due to an improper authorization handling flaw that lets an authenticated attacker impersonate the foreman-proxy when the Puppet CA is configured to sign certificate requests containing SANs. Foreman does not enable SANs by default,...