Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-3621

Опубликовано: 23 дек. 2021
Источник: debian
EPSS Низкий

Описание

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
sssdfixed2.5.2-1package

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1975142

  • https://github.com/SSSD/sssd/commit/7ab83f97e1cbefb78ece17232185bdd2985f0bbe (sssd-2-7)

  • https://github.com/SSSD/sssd/commit/b4b32677a886bc26d60ce0171505aa3ab0c82c8a (sssd-1-16)

  • Introduced by https://github.com/SSSD/sssd/commit/e157b9f6cb370e1b94bcac2044d26ad66d640fba (v1.13.91)

EPSS

Процентиль: 64%
0.00478
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-3621

CVSS3: 8.8
ubuntu
больше 3 лет назад

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

redhat логотип

CVE-2021-3621

CVSS3: 6.7
redhat
почти 4 года назад

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

nvd логотип

CVE-2021-3621

CVSS3: 8.8
nvd
больше 3 лет назад

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

suse-cvrf логотип

openSUSE-SU-2021:2941-1

suse-cvrf
почти 4 года назад

Security update for sssd

suse-cvrf логотип

SUSE-SU-2022:2763-1

suse-cvrf
почти 3 года назад

Security update for sssd

EPSS

Процентиль: 64%
0.00478
Низкий