Количество 19
Количество 19
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System ...
openSUSE-SU-2026:20001-1
Security update for sssd
SUSE-SU-2025:4247-1
Security update for sssd
SUSE-SU-2025:4232-1
Security update for sssd
SUSE-SU-2025:4231-1
Security update for sssd
SUSE-SU-2025:4183-1
Security update for sssd
SUSE-SU-2025:4182-1
Security update for sssd
SUSE-SU-2025:4181-1
Security update for sssd
RLSA-2025:21020
Important: sssd security update
RLSA-2025:20954
Important: sssd security update
RLSA-2025:19610
Important: sssd security update
GHSA-gj84-8vfx-q3vm
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts.
ELSA-2025-21020
ELSA-2025-21020: sssd security update (IMPORTANT)
ELSA-2025-20954
ELSA-2025-20954: sssd security update (IMPORTANT)
ELSA-2025-19851
ELSA-2025-19851: sssd security update (IMPORTANT)
ELSA-2025-19847
ELSA-2025-19847: sssd security update (IMPORTANT)
ELSA-2025-19610
ELSA-2025-19610: sssd security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 4 месяца назад |
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 4 месяца назад |
| CVE-2025-11561 A flaw was found in the integration of Active Directory and the System ... | CVSS3: 8.8 | 0% Низкий | 4 месяца назад |
 | openSUSE-SU-2026:20001-1 Security update for sssd | 0% Низкий | около 1 месяца назад | |
| SUSE-SU-2025:4247-1 Security update for sssd | 0% Низкий | 2 месяца назад | |
| SUSE-SU-2025:4232-1 Security update for sssd | 0% Низкий | 2 месяца назад | |
| SUSE-SU-2025:4231-1 Security update for sssd | 0% Низкий | 2 месяца назад | |
| SUSE-SU-2025:4183-1 Security update for sssd | 0% Низкий | 2 месяца назад | |
| SUSE-SU-2025:4182-1 Security update for sssd | 0% Низкий | 2 месяца назад | |
| SUSE-SU-2025:4181-1 Security update for sssd | 0% Низкий | 2 месяца назад | |
 | RLSA-2025:21020 Important: sssd security update | 0% Низкий | 3 месяца назад | |
| RLSA-2025:20954 Important: sssd security update | 0% Низкий | 3 месяца назад | |
| RLSA-2025:19610 Important: sssd security update | 0% Низкий | 3 месяца назад | |
| GHSA-gj84-8vfx-q3vm A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 4 месяца назад |
| ELSA-2025-21020 ELSA-2025-21020: sssd security update (IMPORTANT) | 2 месяца назад | ||
| ELSA-2025-20954 ELSA-2025-20954: sssd security update (IMPORTANT) | 2 месяца назад | ||
| ELSA-2025-19851 ELSA-2025-19851: sssd security update (IMPORTANT) | 3 месяца назад | ||
| ELSA-2025-19847 ELSA-2025-19847: sssd security update (IMPORTANT) | 2 месяца назад | ||
| ELSA-2025-19610 ELSA-2025-19610: sssd security update (IMPORTANT) | 3 месяца назад |
Уязвимостей на страницу