Количество 22
Количество 22
BDU:2026-02738
Уязвимость сервиса управления доступом к удаленным каталогам и механизма аутентификации SSSD, связанная с небезопасным управлением привилегиями, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
ROS-20260209-73-0015
Уязвимость sssd
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.
CVE-2025-11561
A flaw was found in the integration of Active Directory and the System ...
openSUSE-SU-2026:20001-1
Security update for sssd
SUSE-SU-2025:4247-1
Security update for sssd
SUSE-SU-2025:4232-1
Security update for sssd
SUSE-SU-2025:4231-1
Security update for sssd
SUSE-SU-2025:4183-1
Security update for sssd
SUSE-SU-2025:4182-1
Security update for sssd
SUSE-SU-2025:4181-1
Security update for sssd
RLSA-2025:21020
Important: sssd security update
RLSA-2025:20954
Important: sssd security update
RLSA-2025:19610
Important: sssd security update
GHSA-gj84-8vfx-q3vm
A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts.
ELSA-2025-21020
ELSA-2025-21020: sssd security update (IMPORTANT)
ELSA-2025-20954
ELSA-2025-20954: sssd security update (IMPORTANT)
ELSA-2025-19851
ELSA-2025-19851: sssd security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2026-02738 Уязвимость сервиса управления доступом к удаленным каталогам и механизма аутентификации SSSD, связанная с небезопасным управлением привилегиями, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | ROS-20260209-73-0015 Уязвимость sssd | CVSS3: 8.8 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11561 A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
| CVE-2025-11561 A flaw was found in the integration of Active Directory and the System ... | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
 | openSUSE-SU-2026:20001-1 Security update for sssd | 0% Низкий | 3 месяца назад | |
| SUSE-SU-2025:4247-1 Security update for sssd | 0% Низкий | 4 месяца назад | |
| SUSE-SU-2025:4232-1 Security update for sssd | 0% Низкий | 4 месяца назад | |
| SUSE-SU-2025:4231-1 Security update for sssd | 0% Низкий | 4 месяца назад | |
| SUSE-SU-2025:4183-1 Security update for sssd | 0% Низкий | 5 месяцев назад | |
| SUSE-SU-2025:4182-1 Security update for sssd | 0% Низкий | 5 месяцев назад | |
| SUSE-SU-2025:4181-1 Security update for sssd | 0% Низкий | 5 месяцев назад | |
 | RLSA-2025:21020 Important: sssd security update | 0% Низкий | 5 месяцев назад | |
| RLSA-2025:20954 Important: sssd security update | 0% Низкий | 5 месяцев назад | |
| RLSA-2025:19610 Important: sssd security update | 0% Низкий | 5 месяцев назад | |
| GHSA-gj84-8vfx-q3vm A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts. | CVSS3: 8.8 | 0% Низкий | 6 месяцев назад |
| ELSA-2025-21020 ELSA-2025-21020: sssd security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-20954 ELSA-2025-20954: sssd security update (IMPORTANT) | 4 месяца назад | ||
| ELSA-2025-19851 ELSA-2025-19851: sssd security update (IMPORTANT) | 5 месяцев назад |
Уязвимостей на страницу