Описание
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | sssd | Not affected | ||
| Red Hat Enterprise Linux 6 | sssd | Not affected | ||
| Red Hat Enterprise Linux 7 | sssd | Fixed | RHSA-2019:2177 | 06.08.2019 |
| Red Hat Enterprise Linux 8 | sssd | Fixed | RHSA-2019:3651 | 05.11.2019 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | imgbased | Fixed | RHSA-2019:2437 | 12.08.2019 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | ovirt-node-ng | Fixed | RHSA-2019:2437 | 12.08.2019 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | redhat-release-virtualization-host | Fixed | RHSA-2019:2437 | 12.08.2019 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | redhat-virtualization-host | Fixed | RHSA-2019:2437 | 12.08.2019 |
Показывать по
Дополнительная информация
Статус:
5.4 Medium
CVSS3
Связанные уязвимости
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
A flaw was found in sssd Group Policy Objects implementation. When the ...
5.4 Medium
CVSS3