FortiClient Vulnerability

RedHat ipa CVE-2020-11023 Cross Site Scripting Vulnerability

Description

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): cannot issue certs with multiple IP addresses corresponding to different hosts (BZ#1846349) CA-less install does not set required permissions on KDC certificate (BZ#1863619) IdM Web UI shows users as disabled (BZ#1884819) Authentication and login times are over several seconds due to unindexed ipaExternalMember (BZ#1892793) improve IPA PKI susbsystem detection by other means than a directory presence, use pki-server subsystem-find (BZ#1895197) IPA WebUI inaccessible after upgrading to RHEL 8.3 - idoverride-memberof.js missing (BZ#1897253) cannot issue certs with multiple IP addresses corresponding to different hosts (BZ#1846349) CA-less install does not set required permissions on KDC certificate (BZ#1863619) IdM Web UI shows users as disabled (BZ#1884819) Authentication and login times are over several seconds due to unindexed ipaExternalMember (BZ#1892793) improve IPA PKI susbsystem detection by other means than a directory presence, use pki-server subsystem-find (BZ#1895197) IPA WebUI inaccessible after upgrading to RHEL 8.3 - idoverride-memberof.js missing (BZ#1897253) SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258