CVEInsight.

CVE data sourced from NVD / NIST & public disclosures.

fedoraproject

sssd

9 known vulnerabilities · sorted by CVSS score

CVE-2012-3462
HIGH 8.8

A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.

fedoraproject / sssd
Network
Published Dec 26, 2019

CVE-2021-3621
HIGH 8.8

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

fedoraproject / sssd +12
Network
Published Dec 23, 2021

CVE-2022-4254
HIGH 8.8

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

fedoraproject / sssd +13
Network
Published Feb 1, 2023

CVE-2023-3758
HIGH 7.1

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

fedoraproject / sssd +78
Adjacent
Published Apr 18, 2024

CVE-2018-16838
MEDIUM 5.4

A flaw was found in sssd's Group Policy Objects implementation. When the GPO is not readable by SSSD due to overly strict permission settings on the server side, SSSD will allow all authenticated users to log in instead of denying access.

fedoraproject / sssd +1
Network
Published Mar 25, 2019

CVE-2019-3811
MEDIUM 5.2

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.

fedoraproject / sssd +5
Adjacent
Published Jan 15, 2019

CVE-2017-12173
MEDIUM 4.3

It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.

redhat / enterprise_linux_desktop +9
Network
Published Jul 27, 2018

CVE-2018-10852
LOW 3.8

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.

debian / debian_linux +4
Local
Published Jun 26, 2018

CVE-2018-16883
LOW 2.5

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.

fedoraproject / sssd
Local
Published Dec 19, 2018