Количество 22
Количество 22
GHSA-gj84-8vfx-q3vm
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System ...
openSUSE-SU-2026:20001-1
Security update for sssd
SUSE-SU-2025:4247-1
Security update for sssd
SUSE-SU-2025:4232-1
Security update for sssd
SUSE-SU-2025:4231-1
Security update for sssd
SUSE-SU-2025:4183-1
Security update for sssd
SUSE-SU-2025:4182-1
Security update for sssd
SUSE-SU-2025:4181-1
Security update for sssd
RLSA-2025:21020
Important: sssd security update
RLSA-2025:20954
Important: sssd security update
RLSA-2025:19610
Important: sssd security update
ELSA-2025-21020
ELSA-2025-21020: sssd security update (IMPORTANT)
ELSA-2025-20954
ELSA-2025-20954: sssd security update (IMPORTANT)
ELSA-2025-19851
ELSA-2025-19851: sssd security update (IMPORTANT)
ELSA-2025-19847
ELSA-2025-19847: sssd security update (IMPORTANT)
ELSA-2025-19610
ELSA-2025-19610: sssd security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-gj84-8vfx-q3vm A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
| CVE-2025-11561 A flaw was found in the integration of Active Directory and the System ... | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | openSUSE-SU-2026:20001-1 Security update for sssd | 0% Низкий | 3 месяца назад | |
| SUSE-SU-2025:4247-1 Security update for sssd | 0% Низкий | 4 месяца назад | |
| SUSE-SU-2025:4232-1 Security update for sssd | 0% Низкий | 4 месяца назад | |
| SUSE-SU-2025:4231-1 Security update for sssd | 0% Низкий | 4 месяца назад | |
| SUSE-SU-2025:4183-1 Security update for sssd | 0% Низкий | 5 месяцев назад | |
| SUSE-SU-2025:4182-1 Security update for sssd | 0% Низкий | 5 месяцев назад | |
| SUSE-SU-2025:4181-1 Security update for sssd | 0% Низкий | 5 месяцев назад | |
 | RLSA-2025:21020 Important: sssd security update | 0% Низкий | 5 месяцев назад | |
| RLSA-2025:20954 Important: sssd security update | 0% Низкий | 5 месяцев назад | |
| RLSA-2025:19610 Important: sssd security update | 0% Низкий | 5 месяцев назад | |
| ELSA-2025-21020 ELSA-2025-21020: sssd security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-20954 ELSA-2025-20954: sssd security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-19851 ELSA-2025-19851: sssd security update (IMPORTANT) | 5 месяцев назад | ||
| ELSA-2025-19847 ELSA-2025-19847: sssd security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-19610 ELSA-2025-19610: sssd security update (IMPORTANT) | 5 месяцев назад |
Уязвимостей на страницу