DescriptionA flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
|National Vulnerability Database
List of released packages
|Fixed package version(s)
|SUSE Liberty Linux 7
|SUSE Liberty Linux 9
SUSE Timeline for this CVECVE page created: Tue Jul 12 20:02:10 2022
CVE page last modified: Mon Oct 30 18:15:36 2023