{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T17:07:06.874","vulnerabilities":[{"cve":{"id":"CVE-2021-3469","sourceIdentifier":"secalert@redhat.com","published":"2021-06-03T20:15:08.617","lastModified":"2026-06-17T04:05:09.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Foreman versions before 2.3.4 and before 2.4.0 are affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if the product enables the Puppet Certificate Authority (CA) to sign certificate requests that have subject alternative names (SANs). Foreman does not enable SANs by default, and `allow-authorization-extensions` is set to `false` unless the user explicitly changes the `/etc/puppetlabs/puppetserver/conf.d/ca.conf` configuration."},{"lang":"es","value":"Foreman versiones anteriores a 2.3.4 y versiones anteriores a 2.4.0, están afectadas por un fallo en el manejo de la autorización. Un atacante autenticado puede hacerse pasar por el foreman-proxy si el producto permite que la autoridad de certificados (CA) de Puppet firme peticiones de certificados que tengan nombres alternativos de sujeto (SAN). Foreman no habilita los SANs por defecto y la función \"allow-authorization-extensions\" está ajustada en el parámetro \"false\" a menos que el usuario cambie la configuración del archivo \"/etc/puppetlabs/puppetserver/conf.d/ca.conf\" explícitamente"}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"n/a","product":"Foreman","versions":[{"version":"foreman 2.3.4, foreman 2.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.4","matchCriteriaId":"DA2204AF-3EAF-45DB-A73B-4B089E5EB946"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1943630","source":"secalert@redhat.com","tags":["Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1943630","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Mitigation","Third Party Advisory"]}]}}]}