
exploitDog


CVE-2023-7090

Published: 23 Dec 2023
Source: debian
EPSS: Low

Description

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.

Packages

| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| sudo | fixed | 1.8.28p1-1 | | package |

Notes

  • https://github.com/sudo-project/sudo/commit/e99082e05b9f0dd0e0f47fa1d2e1b9d922ea8c4c (SUDO_1_8_28p1)

  • https://www.sudo.ws/repos/sudo/rev/b4f31dbe3109

  • https://www.sudo.ws/releases/legacy/#1.8.28

  • https://www.sudo.ws/pipermail/sudo-workers/2019-August/001248.html

  • https://www.sudo.ws/pipermail/sudo-workers/2019-August/001249.html

EPSS

Percentile: 15%
0.00049
Low

Related vulnerabilities

CVSS3: 6.6
ubuntu
more than 1 year ago

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.

CVSS3: 6.6
redhat
almost 6 years ago

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.

CVSS3: 6.6
nvd
more than 1 year ago

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.

CVSS3: 8.8
redos
more than 1 year ago

Vulnerability in sudo

CVSS3: 6.6
github
more than 1 year ago

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.
