A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-07-14T14:53:46

Updated: 2024-08-03T00:39:07.715Z

Reserved: 2022-07-12T00:00:00

Link: CVE-2022-2393

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-07-14T15:15:08.133

Modified: 2024-11-21T07:00:54.100

Link: CVE-2022-2393

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-07-12T17:25:00Z

Links: CVE-2022-2393 - Bugzilla