vulnerability
Amazon Linux AMI 2: CVE-2021-3621: Security patch for sssd (ALAS-2021-1715)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Oct 7, 2021 | Oct 7, 2021 | Sep 30, 2022 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Oct 7, 2021
Added
Oct 7, 2021
Modified
Sep 30, 2022
Description
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Solution(s)
amazon-linux-ami-2-upgrade-libipa_hbacamazon-linux-ami-2-upgrade-libipa_hbac-develamazon-linux-ami-2-upgrade-libsss_autofsamazon-linux-ami-2-upgrade-libsss_certmapamazon-linux-ami-2-upgrade-libsss_certmap-develamazon-linux-ami-2-upgrade-libsss_idmapamazon-linux-ami-2-upgrade-libsss_idmap-develamazon-linux-ami-2-upgrade-libsss_nss_idmapamazon-linux-ami-2-upgrade-libsss_nss_idmap-develamazon-linux-ami-2-upgrade-libsss_simpleifpamazon-linux-ami-2-upgrade-libsss_simpleifp-develamazon-linux-ami-2-upgrade-libsss_sudoamazon-linux-ami-2-upgrade-python-libipa_hbacamazon-linux-ami-2-upgrade-python-libsss_nss_idmapamazon-linux-ami-2-upgrade-python-sssamazon-linux-ami-2-upgrade-python-sss-murmuramazon-linux-ami-2-upgrade-python-sssdconfigamazon-linux-ami-2-upgrade-sssdamazon-linux-ami-2-upgrade-sssd-adamazon-linux-ami-2-upgrade-sssd-clientamazon-linux-ami-2-upgrade-sssd-commonamazon-linux-ami-2-upgrade-sssd-common-pacamazon-linux-ami-2-upgrade-sssd-dbusamazon-linux-ami-2-upgrade-sssd-debuginfoamazon-linux-ami-2-upgrade-sssd-ipaamazon-linux-ami-2-upgrade-sssd-kcmamazon-linux-ami-2-upgrade-sssd-krb5amazon-linux-ami-2-upgrade-sssd-krb5-commonamazon-linux-ami-2-upgrade-sssd-ldapamazon-linux-ami-2-upgrade-sssd-libwbclientamazon-linux-ami-2-upgrade-sssd-libwbclient-develamazon-linux-ami-2-upgrade-sssd-polkit-rulesamazon-linux-ami-2-upgrade-sssd-proxyamazon-linux-ami-2-upgrade-sssd-toolsamazon-linux-ami-2-upgrade-sssd-winbind-idmap
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.