PKI Mode Vulnerability Allows Bypass of Security Measures
CVE-2024-6156
3.8LOW
What is CVE-2024-6156?
Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.
Affected Version(s)
LXD Linux 4.0 < 4.0.10
LXD Linux 4.0 < 5.0.4
LXD Linux 4.0 < 5.21.2