Описание
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
Ссылки
- Issue TrackingPatchThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- Issue TrackingPatchThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:authconfig_project:authconfig:6.2.8:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00208
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
redhat
больше 8 лет назад
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
CVSS3: 4.3
github
больше 3 лет назад
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
oracle-oval
больше 8 лет назад
ELSA-2017-2285: authconfig security, bug fix, and enhancement update (MODERATE)
EPSS
Процентиль: 43%
0.00208
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200