23 matches found
UBUNTU-CVE-2021-3621
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest...
SSSD 操作系统命令注入漏洞
SSSD is a daemon that provides access to local or remote identity and authentication resources. SSSD suffers from an operating system command injection vulnerability that stems from a flaw found in SSSD where the ssssctl command can easily inject shell commands via the log -fetch and cache-expire...
PT-2021-7962 · Sssd +10 · Sssd +10
Name of the Vulnerable Software and Affected Versions: SSSD affected versions not specified Description: The issue is related to the sssctl command in the SSSD service, which lacks input sanitization measures. This allows a remote attacker to exploit the vulnerability, potentially gaining access ...