A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.
Credits
Red Hat would like to thank Sukhov Mikhail (Angara Security) for reporting this issue.