ALAS2-2021-1715 --- sssd
ID: oval:org.secpod.oval:def:1700722 | Date: (C)2021-10-11 (M)2024-03-07 |
Class: PATCH | Family: unix |
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality and integrity, as well as system availability.
Product: |
sssd |
libsss_sudo |
libsss_autofs |
python-sss |
libsss_idmap |
libipa_hbac |
python-libipa_hbac |
libsss_nss_idmap |
python-libsss_nss_idmap |
libsss_simpleifp |
libsss_certmap |
python-sssdconfig |