3 matches found
CVE-2021-3494
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions in FreeIPA if...
CVE-2021-3494
CVE-2021-3494 affects the Foreman smart proxy’s FreeIPA module, where SSL certificate verification is not performed. This enables a potential Man-in-the-Middle attack if conditions are met, compromising confidentiality. Affected: Foreman/smart proxy versions before 2.5.0 (per NVD OSV notes). The ...
CVE-2021-3494
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions in FreeIPA if...