12 matches found
RHEL 6 : sssd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: shell command injection in sssctl CVE-2021-3621 - The UNIX pipe which sudo uses to contact SSSD and...
SUSE CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
UBUNTU-CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
DEBIAN-CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
Design/Logic Flaw
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
CVE-2018-16883
CVE-2018-16883 affects sssd versions 1.13.0 to before 2.0.0. The vulnerability stems from improper restriction of access to the infopipe per the allowed_uids config, potentially exposing sensitive information in the user directory to local attackers. Impact is local, with partial confidentiality ...
CVE-2018-16883
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers...
CVE-2018-16883
sssd, versions 1.13.0 to before 2.0.0, did not properly restrict access to the infopipe according to the "alloweduids" configuration parameter. Sensitive information could be inadvertently disclosed to local attackers if it was stored in the user directory. Mitigation This vulnerability is only...