Software: sssd 1.16.5
OS: Cobalt 7.9
CVE-ID: CVE-2018-16883
CVE-Crit: MEDIUM
CVE-DESC: sssd versions 1.13.0 through 2.0.0 incorrectly restricted access to the information channel according to the “allowed_uids” configuration parameter. If sensitive information was stored in a user’s directory, it may have been inadvertently exposed to local attackers.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2019-3811
CVE-Crit: MEDIUM
CVE-DESC: a vulnerability has been discovered in sssd. If a user was configured without a home directory set, sssd will return ‘/’ (root directory) instead of ‘’ (empty string / no home directory). This can affect services that restrict access to a user’s file system within their home directory via chroot () etc. D. All versions prior to 2.1 are vulnerable.
CVE-STATUS: default
CVE-REV: default