sssd is vulnerable to information disclosure attacks. The vulnerability exists as it was found that sssd’s sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
access.redhat.com/errata/RHSA-2017:3379
access.redhat.com/errata/RHSA-2018:1877
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1506142
bugzilla.redhat.com/show_bug.cgi?id=1506682
bugzilla.redhat.com/show_bug.cgi?id=1509177
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173