A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
[
{
"vendor": "n/a",
"product": "sssd",
"versions": [
{
"version": "sssd 2.6.0",
"status": "affected"
}
]
}
]