Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-4254HistoryFeb 01, 2023 - 5:15 p.m.
CVE-2022-4254
2023-02-0117:15:09
Debian Security Bug Tracker
security-tracker.debian.org
24
sssd
libsss_certmap
ldap filters
sanitisation
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.004
Percentile
73.0%
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | sssd | < 2.3.1-1 | sssd_2.3.1-1_all.deb |
| Debian | 11 | all | sssd | < 2.3.1-1 | sssd_2.3.1-1_all.deb |
| Debian | 999 | all | sssd | < 2.3.1-1 | sssd_2.3.1-1_all.deb |
| Debian | 13 | all | sssd | < 2.3.1-1 | sssd_2.3.1-1_all.deb |
Related
redhat
redhat
(RHSA-2023:0403) Important: sssd security and bug fix update
2023-01-24 09:46:55
(RHSA-2023:0397) Important: sssd security update
2023-01-24 08:28:46
(RHSA-2023:0442) Important: sssd security update
2023-01-24 15:04:25
oraclelinux
oraclelinux
sssd security and bug fix update
2023-01-24 00:00:00
nessus
nessus
RHEL 7 : sssd (RHSA-2023:0403)
2023-01-24 00:00:00
SUSE SLES15 Security Update : sssd (SUSE-SU-2023:0292-1)
2023-02-08 00:00:00
EulerOS Virtualization 2.9.1 : sssd (EulerOS-SA-2023-2005)
2023-06-02 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2023-2456)
2023-07-31 00:00:00
Ubuntu: Security Advisory (USN-6156-1)
2023-06-13 00:00:00
openSUSE: Security Advisory for sssd (SUSE-SU-2023:0204-1)
2024-03-04 00:00:00
cvelist
cvelist
CVE-2022-4254
2023-02-01 00:00:00
cve
cve
CVE-2022-4254
2023-02-01 17:15:09
ubuntucve
ubuntucve
CVE-2022-4254
2023-02-01 00:00:00
veracode
veracode
LDAP Injection
2023-02-04 15:11:25
centos
centos
prion
prion
Design/Logic Flaw
2023-02-01 17:15:00
osv
osv
CVE-2022-4254
2023-02-01 17:15:09
sssd vulnerability
2023-06-12 12:00:14
sssd - security update
2023-05-29 00:00:00
redhatcve
redhatcve
CVE-2022-4254
2023-01-24 08:05:19
nvd
nvd
CVE-2022-4254
2023-02-01 17:15:09
amazon
amazon
Important: sssd
2023-03-17 16:34:00
Important: sssd
2023-03-30 22:50:00
ubuntu
ubuntu
SSSD vulnerability
2023-06-12 00:00:00
f5
f5
K000136157 : sssd vulnerability CVE-2022-4254
2023-09-12 00:00:00
debian
debian
[SECURITY] [DLA 3436-2] sssd regression update
2023-05-31 16:14:02
[SECURITY] [DLA 3436-1] sssd security update
2023-05-29 13:43:53
ibm
ibm
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.004
Percentile
73.0%
Related for DEBIANCVE:CVE-2022-4254