The vulnerability of the ssedb_search_user_by_upn_res() function in the access control service for remote directories and the authentication mechanism sssd allows a intruder to gain unauthorized access to protected information.

The vulnerability of the ssedbsearchuserbyupnres function of the access control service for remote directories and the sssd authentication mechanism is related to insufficient validation of input data when querying the local cache that stores password hashes. Exploiting this vulnerability could...