Lucene search

CVE-2022-4254

🗓️ 01 Feb 2023 17:09:15Reported by [email protected]Type

sssd: libsss_certmap fails to sanitise certificate data used in LDAP filter

Reporter	Title	Published	Views	Family All 74
Tenable Nessus	RHEL 7 : sssd (RHSA-2023:0403)	24 Jan 202300:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : sssd (SUSE-SU-2023:0292-1)	8 Feb 202300:00	–	nessus
Tenable Nessus	Debian dla-3436 : libipa-hbac-dev - security update	29 May 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.6.0 : sssd (EulerOS-SA-2023-2249)	13 Jun 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.1 : sssd (EulerOS-SA-2023-2005)	2 Jun 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.0 : sssd (EulerOS-SA-2023-2481)	28 Jul 202300:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.1 : sssd (EulerOS-SA-2023-2456)	28 Jul 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : sssd (EulerOS-SA-2023-1963)	18 May 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : sssd (EulerOS-SA-2023-1985)	18 May 202300:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : sssd (SUSE-SU-2023:0200-1)	28 Jan 202300:00	–	nessus

Nvd

Node

fedoraproject sssdRange1.15.3–2.3.1

Node

redhat enterprise_linuxMatch8.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_for_ibm_z_systemsMatch7.0

redhat enterprise_linux_for_power_big_endianMatch7.0

redhat enterprise_linux_for_power_little_endianMatch7.0

redhat enterprise_linux_for_scientific_computingMatch7.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch8.2

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.1

redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.2

redhat enterprise_linux_server_tusMatch8.2

redhat enterprise_linux_server_update_services_for_sap_solutionsMatch8.1

redhat enterprise_linux_workstationMatch7.0

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2023/05/msg00028.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/security/cve/CVE-2022-4254
github	www.github.com/SSSD/sssd/issues/5135
github	www.github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Feb 2023 17:15Current

8.6High risk

Vulners AI Score8.6

CVSS38.8

EPSS0.00568

CWE-90