vulnerability
Oracle Linux: CVE-2021-3621: ELSA-2021-3151: sssd security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:M/C:C/I:C/A:C) | 2021-08-16 | 2021-08-17 | 2025-01-07 |
Severity
6
CVSS
(AV:L/AC:L/Au:M/C:C/I:C/A:C)
Published
2021-08-16
Added
2021-08-17
Modified
2025-01-07
Description
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Solution(s)
oracle-linux-upgrade-libipa-hbacoracle-linux-upgrade-libipa-hbac-develoracle-linux-upgrade-libsss-autofsoracle-linux-upgrade-libsss-certmaporacle-linux-upgrade-libsss-certmap-develoracle-linux-upgrade-libsss-idmaporacle-linux-upgrade-libsss-idmap-develoracle-linux-upgrade-libsss-nss-idmaporacle-linux-upgrade-libsss-nss-idmap-develoracle-linux-upgrade-libsss-simpleifporacle-linux-upgrade-libsss-simpleifp-develoracle-linux-upgrade-libsss-sudooracle-linux-upgrade-python3-libipa-hbacoracle-linux-upgrade-python3-libsss-nss-idmaporacle-linux-upgrade-python3-sssoracle-linux-upgrade-python3-sssdconfigoracle-linux-upgrade-python3-sss-murmuroracle-linux-upgrade-python-libipa-hbacoracle-linux-upgrade-python-libsss-nss-idmaporacle-linux-upgrade-python-sssoracle-linux-upgrade-python-sssdconfigoracle-linux-upgrade-python-sss-murmuroracle-linux-upgrade-sssdoracle-linux-upgrade-sssd-adoracle-linux-upgrade-sssd-clientoracle-linux-upgrade-sssd-commonoracle-linux-upgrade-sssd-common-pacoracle-linux-upgrade-sssd-dbusoracle-linux-upgrade-sssd-ipaoracle-linux-upgrade-sssd-kcmoracle-linux-upgrade-sssd-krb5oracle-linux-upgrade-sssd-krb5-commonoracle-linux-upgrade-sssd-ldaporacle-linux-upgrade-sssd-libwbclientoracle-linux-upgrade-sssd-libwbclient-develoracle-linux-upgrade-sssd-nfs-idmaporacle-linux-upgrade-sssd-polkit-rulesoracle-linux-upgrade-sssd-proxyoracle-linux-upgrade-sssd-toolsoracle-linux-upgrade-sssd-winbind-idmap
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.