vulnerability

Oracle Linux: CVE-2018-16838: ELSA-2019-3651: sssd security, bug fix, and enhancement update (LOW) (Multiple Advisories)

Severity
5
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
Feb 4, 2019
Added
Jul 21, 2020
Modified
Dec 6, 2024

Description

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.

Solution(s)

oracle-linux-upgrade-libipa-hbacoracle-linux-upgrade-libipa-hbac-develoracle-linux-upgrade-libsss-autofsoracle-linux-upgrade-libsss-certmaporacle-linux-upgrade-libsss-certmap-develoracle-linux-upgrade-libsss-idmaporacle-linux-upgrade-libsss-idmap-develoracle-linux-upgrade-libsss-nss-idmaporacle-linux-upgrade-libsss-nss-idmap-develoracle-linux-upgrade-libsss-simpleifporacle-linux-upgrade-libsss-simpleifp-develoracle-linux-upgrade-libsss-sudooracle-linux-upgrade-python-libipa-hbacoracle-linux-upgrade-python-libsss-nss-idmaporacle-linux-upgrade-python-sssoracle-linux-upgrade-python-sssdconfigoracle-linux-upgrade-python-sss-murmuroracle-linux-upgrade-sssdoracle-linux-upgrade-sssd-adoracle-linux-upgrade-sssd-clientoracle-linux-upgrade-sssd-commonoracle-linux-upgrade-sssd-common-pacoracle-linux-upgrade-sssd-dbusoracle-linux-upgrade-sssd-ipaoracle-linux-upgrade-sssd-kcmoracle-linux-upgrade-sssd-krb5oracle-linux-upgrade-sssd-krb5-commonoracle-linux-upgrade-sssd-ldaporacle-linux-upgrade-sssd-libwbclientoracle-linux-upgrade-sssd-libwbclient-develoracle-linux-upgrade-sssd-polkit-rulesoracle-linux-upgrade-sssd-proxyoracle-linux-upgrade-sssd-toolsoracle-linux-upgrade-sssd-winbind-idmap
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.