Описание
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.11.4-1ubuntu2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.11.4-1ubuntu2]] |
| hardy | DNE | |
| lucid | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 1.11.1-0ubuntu1 |
| trusty | not-affected | 1.11.4-1ubuntu2 |
Показывать по
EPSS
4.9 Medium
CVSS2
Связанные уязвимости
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
The Simple Access Provider in System Security Services Daemon (SSSD) 1 ...
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
ELSA-2013-0663: sssd security and bug fix update (MODERATE)
EPSS
4.9 Medium
CVSS2