Описание
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
Ссылки
- Broken LinkThird Party Advisory
- ExploitIssue TrackingPatch
- ExploitIssue TrackingThird Party Advisory
- Broken LinkThird Party Advisory
- ExploitIssue TrackingPatch
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider log ...
A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context.
EPSS
8.8 High
CVSS3
6.5 Medium
CVSS2