| Description: | The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. It was discovered that FreeIPA incorrectly handled certificates. An attacker could possibly use this issue to cause a denial of service by revoking arbitrary certificates.
|