Описание
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Ссылки
- Third Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.15.3 (включая) до 2.3.1 (исключая)
cpe:2.3:a:fedoraproject:sssd:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.0009
Низкий
8.8 High
CVSS3
Дефекты
CWE-90
CWE-90
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 2 лет назад
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
CVSS3: 8.8
redhat
больше 2 лет назад
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
CVSS3: 8.8
debian
больше 2 лет назад
sssd: libsss_certmap fails to sanitise certificate data used in LDAP f ...
EPSS
Процентиль: 27%
0.0009
Низкий
8.8 High
CVSS3
Дефекты
CWE-90
CWE-90