Описание
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 1.15.3-2ubuntu1 |
| devel | released | 1.15.3-2ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| esm-infra/xenial | released | 1.13.4-1ubuntu1.10 |
| precise/esm | DNE | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1.13.4-1ubuntu1.10 |
Показывать по
4 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
It was found that sssd's sysdb_search_user_by_upn_res() function befor ...
4 Medium
CVSS2
4.3 Medium
CVSS3