pki-core is vulnerable to privilege escalation. Dogtag PKI, through version 10.6.1, has a flaw in AAclAuthz.java that, under certain configurations, causes ACL allow and deny rules to be applied in reverse. If a server is configured to process allow rules before deny rules (authz.evaluateOrder=allow,deny), then allow rules will deny access and deny rules will grant access.
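To check whether a deployment uses the evaluation order described above, the following added example (not code from Dogtag PKI or the advisory) classifies the authz.evaluateOrder setting in configuration text. It assumes key=value properties syntax with the last assignment winning, and the function names and sample configs are constructed for illustration.

```python
import sys

KEY = "authz.evaluateOrder"         # property name taken from the advisory
AFFECTED_ORDER = ("allow", "deny")  # ordering the advisory says triggers the reversal


def read_property(text, key):
    """Return the last value assigned to `key`, or None if it is never set.

    Assumption: properties-style syntax, '#' or '!' comment lines,
    and a later assignment overriding an earlier one.
    """
    value = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or commented-out setting
        name, sep, rest = line.partition("=")
        if sep and name.strip() == key:
            value = rest.strip()
    return value


def classify(text):
    """Classify config text as 'affected-order', 'other-order' or 'unset'."""
    value = read_property(text, KEY)
    if value is None:
        return "unset"  # the advisory does not state the default, so report it as-is
    # Normalise case and spacing conservatively so variants are still flagged.
    order = tuple(part.strip().lower() for part in value.split(","))
    return "affected-order" if order == AFFECTED_ORDER else "other-order"


# Constructed sample inputs (not taken from a real server).
SAMPLE_AFFECTED = "# constructed sample\nauthz.evaluateOrder = Allow, Deny\n"
SAMPLE_OTHER = "authz.evaluateOrder=deny,allow\n"
SAMPLE_UNSET = "#authz.evaluateOrder=allow,deny\nsome.other.key=1\n"
SAMPLE_OVERRIDDEN = "authz.evaluateOrder=allow,deny\nauthz.evaluateOrder=deny,allow\n"

if __name__ == "__main__":
    # Usage: python check_order.py <config file> [<config file> ...]
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8", errors="replace") as fh:
            print(f"{path}: {classify(fh.read())}")
```

A result of affected-order on a Dogtag PKI version through 10.6.1 means the ACL rules on that server are being applied in reverse, as the advisory describes.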
access.redhat.com/errata/RHSA-2018:1979
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1550581
bugzilla.redhat.com/show_bug.cgi?id=1551067
bugzilla.redhat.com/show_bug.cgi?id=1552241
bugzilla.redhat.com/show_bug.cgi?id=1554726
bugzilla.redhat.com/show_bug.cgi?id=1554727
bugzilla.redhat.com/show_bug.cgi?id=1557880
bugzilla.redhat.com/show_bug.cgi?id=1557883
bugzilla.redhat.com/show_bug.cgi?id=1558919
bugzilla.redhat.com/show_bug.cgi?id=1571582
bugzilla.redhat.com/show_bug.cgi?id=1572548
bugzilla.redhat.com/show_bug.cgi?id=1581134
bugzilla.redhat.com/show_bug.cgi?id=1581135
bugzilla.redhat.com/show_bug.cgi?id=1585945
bugzilla.redhat.com/show_bug.cgi?id=1587826
bugzilla.redhat.com/show_bug.cgi?id=1588944
bugzilla.redhat.com/show_bug.cgi?id=1588945
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1080
pagure.io/freeipa/issue/7453
review.gerrithub.io/c/dogtagpki/pki/+/404435