Name of the Vulnerable Software and Affected Versions: AlmaLinux Identity Management (IdM) versions 8.3 and earlier

Description: AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution. The issue arises when the krb5 library breaks FAST armoring with referrals, and IPA should handle such situations. Additionally, there is an issue with the IPA WebUI being inaccessible after upgrading to AlmaLinux 8.3 due to a missing idoverride-memberof.js file.

Recommendations: For AlmaLinux Identity Management (IdM) version 8.3 and earlier, update to a version that includes the fix for the missing idoverride-memberof.js file and handles krb5 library breaks with referrals. At the moment, there is no information about a newer version that contains a fix for this vulnerability.