UbuntuUSN-6836-1SSSD vulnerability
7.1 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
14.3%
Releases
- Ubuntu 24.04 LTS
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- sssd - System Security Services Daemon
Details
It was discovered that SSSD did not always correctly apply the GPO policy
for authenticated users, contrary to expectations. This could result in
improper authorization or improper access to resources.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 24.04 | noarch | sssd | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libipa-hbac-dev | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libipa-hbac0t64 | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libipa-hbac0t64-dbgsym | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libnss-sss | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libnss-sss-dbgsym | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libpam-sss | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libpam-sss-dbgsym | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libsss-certmap-dev | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
| Ubuntu | 24.04 | noarch | libsss-certmap0 | < 2.9.4-1.1ubuntu6.1 | UNKNOWN |
References
Related
7.1 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
14.3%