The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join. Rated high severity (CVSS 7.9). No vendor patch available.
Information Disclosure
Freeipa
NVD
CVSS 2.0
7.9
EPSS
0.5%