Lucene search

RedosROS-20240916-11

HistorySep 16, 2024 - 12:00 a.m.

ROS-20240916-11

2024-09-1600:00:00

redos.red-soft.ru

ssd

sssd

data cleanup

remote access

authentication

denial of service

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

Low

JSON

Vulnerability of the sssctl command of the remote directory access control service and authentication mechanism
SSSD is related to the lack of input data cleanup measures. Exploitation of the vulnerability could allow
a remote attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service.
and cause a denial of service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64sssd< 2.8.2-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	sssd	< 2.8.2-1	UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

Low

JSON

Related for ROS-20240916-11