CentOS Linux: CVE-2017-12173: Moderate: sssd security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Nov 6, 2017 | Dec 7, 2017 | May 25, 2023 |
Description
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
Solutions
- centos-upgrade-ding-libs-debuginfo
- centos-upgrade-libbasicobjects
- centos-upgrade-libbasicobjects-devel
- centos-upgrade-libcollection
- centos-upgrade-libcollection-devel
- centos-upgrade-libdhash
- centos-upgrade-libdhash-devel
- centos-upgrade-libini_config
- centos-upgrade-libini_config-devel
- centos-upgrade-libipa_hbac
- centos-upgrade-libipa_hbac-devel
- centos-upgrade-libpath_utils
- centos-upgrade-libpath_utils-devel
- centos-upgrade-libref_array
- centos-upgrade-libref_array-devel
- centos-upgrade-libsss_autofs
- centos-upgrade-libsss_certmap
- centos-upgrade-libsss_certmap-devel
- centos-upgrade-libsss_idmap
- centos-upgrade-libsss_idmap-devel
- centos-upgrade-libsss_nss_idmap
- centos-upgrade-libsss_nss_idmap-devel
- centos-upgrade-libsss_simpleifp
- centos-upgrade-libsss_simpleifp-devel
- centos-upgrade-libsss_sudo
- centos-upgrade-python-libipa_hbac
- centos-upgrade-python-libsss_nss_idmap
- centos-upgrade-python-sss
- centos-upgrade-python-sss-murmur
- centos-upgrade-python-sssdconfig
- centos-upgrade-sssd
- centos-upgrade-sssd-ad
- centos-upgrade-sssd-client
- centos-upgrade-sssd-common
- centos-upgrade-sssd-common-pac
- centos-upgrade-sssd-dbus
- centos-upgrade-sssd-debuginfo
- centos-upgrade-sssd-ipa
- centos-upgrade-sssd-kcm
- centos-upgrade-sssd-krb5
- centos-upgrade-sssd-krb5-common
- centos-upgrade-sssd-ldap
- centos-upgrade-sssd-libwbclient
- centos-upgrade-sssd-libwbclient-devel
- centos-upgrade-sssd-polkit-rules
- centos-upgrade-sssd-proxy
- centos-upgrade-sssd-tools
- centos-upgrade-sssd-winbind-idmap