CVE-2021-3621

Source: ubuntu.com (UB:CVE-2021-3621)
Published: Aug 16, 2021

CVSS3: 8.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS2: 9.3 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.001 Low
Percentile: 48.8%

A flaw was found in SSSD, where the sssctl command was vulnerable to shell
command injection via the logs-fetch and cache-expire subcommands. This
flaw allows an attacker to trick the root user into running a specially
crafted sssctl command, such as via sudo, to gain root access. The highest
threat from this vulnerability is to confidentiality, integrity, as well as
system availability.

Notes

Author: leosilva
Note: vulnerability was introduced in v1.13.91 by commit: https://github.com/SSSD/sssd/commit/e157b9f6cb370e1b94bcac2044d26ad66d640fba. xenial/esm is not-affected as it is based on 1.13.4-1 and so the affected code is not present.

Affected packages

OS      OS Version  Architecture  Package  Package Version       Filename
ubuntu  18.04       noarch        sssd     < 1.16.1-1ubuntu1.8   UNKNOWN
ubuntu  20.04       noarch        sssd     < 2.2.3-3ubuntu0.7    UNKNOWN
ubuntu  21.04       noarch        sssd     < 2.4.0-1ubuntu6.1    UNKNOWN
ubuntu  21.10       noarch        sssd     < 2.4.1-2ubuntu4      UNKNOWN
ubuntu  22.04       noarch        sssd     < 2.4.1-2ubuntu4      UNKNOWN
