Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-5067-1
HistorySep 08, 2021 - 11:40 a.m.

sssd vulnerabilities

2021-09-0811:40:23
Google
osv.dev
3

7.5 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.9%

JSON

Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A
local attacker could possibly use this issue to read the sudo rules
available for any user. This issue only affected Ubuntu 18.04 LTS.
(CVE-2018-10852)

It was discovered that SSSD incorrectly handled Group Policy Objects. When
SSSD is configured with too strict permissions causing the GPO to not be
readable, SSSD will allow all authenticated users to login instead of being
denied, contrary to expectations. This issue only affected Ubuntu 18.04
LTS. (CVE-2018-16838)

It was discovered that SSSD incorrectly handled users with no home
directory set. When no home directory was set, SSSD would return the root
directory instead of an empty string, possibly bypassing security measures.
This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3811)

Cedric Buissart discovered that SSSD incorrectly handled the sssctl
command. In certain environments, a local user could use this issue to
execute arbitrary commands and possibly escalate privileges.
(CVE-2021-3621)

Related

openvas 53
nessus 78
ubuntu 1
debian 4
osv 6
amazon 5
centos 3
redhat 5
oraclelinux 4
nvd 3
suse 6
prion 4
cve 4
redhatcve 4
debiancve 3
ubuntucve 3
cvelist 4
veracode 4
mageia 2
fedora 1
gentoo 1
rocky 1
openvas
openvas
Ubuntu: Security Advisory (USN-5067-1)
2021-09-09 00:00:00
Debian: Security Advisory (DLA-3436-1)
2023-05-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0556-1)
2021-04-19 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : SSSD vulnerabilities (USN-5067-1)
2021-09-08 00:00:00
Debian DLA-3436-1 : sssd - LTS security update
2023-05-29 00:00:00
SUSE SLED12 / SLES12 Security Update : sssd (SUSE-SU-2019:0556-1)
2019-03-07 00:00:00
ubuntu
ubuntu
SSSD vulnerabilities
2021-09-08 00:00:00
debian
debian
[SECURITY] [DLA 3436-1] sssd security update
2023-05-29 13:43:53
[SECURITY] [DLA 1429-1] sssd security update
2018-07-16 10:09:58
[SECURITY] [DLA 1635-1] sssd security update
2019-01-17 12:34:29
osv
osv
sssd - security update
2023-05-29 00:00:00
sssd - security update
2018-07-16 00:00:00
sssd - security update
2019-01-17 00:00:00
amazon
amazon
Medium: sssd
2019-10-08 21:07:00
Medium: sssd
2019-10-28 17:45:00
Low: sssd
2019-01-22 18:00:00
centos
centos
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
2019-08-30 04:23:37
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
2018-11-15 18:52:44
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
2021-09-01 13:06:57
redhat
redhat
(RHSA-2019:2177) Moderate: sssd security, bug fix, and enhancement update
2019-08-06 08:10:08
(RHSA-2019:3651) Low: sssd security, bug fix, and enhancement update
2019-11-05 18:11:07
(RHSA-2018:3158) Low: sssd security, bug fix, and enhancement update
2018-10-30 04:24:36
oraclelinux
oraclelinux
sssd security, bug fix, and enhancement update
2019-08-13 00:00:00
sssd security, bug fix, and enhancement update
2018-11-05 00:00:00
sssd security, bug fix, and enhancement update
2019-11-14 00:00:00
nvd
nvd
CVE-2018-16838
2019-03-25 18:29:00
CVE-2018-10852
2018-06-26 14:29:02
CVE-2019-3811
2019-01-15 15:29:00
suse
suse
Security update for sssd (moderate)
2018-08-10 03:11:29
Security update for sssd (moderate)
2019-06-18 00:00:00
Security update for sssd (moderate)
2019-06-19 00:00:00
prion
prion
Design/Logic Flaw
2019-03-25 18:29:00
Code injection
2018-06-26 14:29:00
Design/Logic Flaw
2019-01-15 15:29:00
cve
cve
CVE-2018-16838
2019-03-25 18:29:00
CVE-2018-10852
2018-06-26 14:29:02
CVE-2019-3811
2019-01-15 15:29:00
redhatcve
redhatcve
CVE-2018-16838
2019-02-04 09:20:11
CVE-2018-10852
2018-06-26 03:18:41
CVE-2019-3811
2019-01-11 18:26:42
debiancve
debiancve
CVE-2018-16838
2019-03-25 18:29:00
CVE-2018-10852
2018-06-26 14:29:02
CVE-2019-3811
2019-01-15 15:29:00
ubuntucve
ubuntucve
CVE-2018-10852
2018-06-26 00:00:00
CVE-2018-16838
2019-03-25 00:00:00
CVE-2019-3811
2019-01-15 00:00:00
cvelist
cvelist
CVE-2018-16838
2019-03-25 17:41:18
CVE-2018-10852
2018-06-26 14:00:00
CVE-2019-3811
2019-01-15 15:00:00
veracode
veracode
Improper Access Restriction
2019-08-08 00:07:55
Information Disclosure
2019-01-15 09:26:43
Unauthorised Access
2019-08-08 00:07:55
mageia
mageia
Updated sssd packages fix security vulnerability
2018-08-24 02:35:07
Updated sssd packages fix security vulnerability
2019-12-19 16:44:26
fedora
fedora
[SECURITY] Fedora 34 Update: sssd-2.5.2-2.fc34
2021-08-18 01:12:59
gentoo
gentoo
SSSD: Command Injection
2024-07-01 00:00:00
rocky
rocky
sssd security update
2021-08-16 08:00:18

7.5 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.9%

JSON
Related for OSV:USN-5067-1
openvas53nessus78ubuntu1debian4osv6amazon5centos3redhat5oraclelinux4nvd3suse6prion4cve4redhatcve4debiancve3ubuntucve3cvelist4veracode4mageia2fedora1gentoo1rocky1