{"api_version":"1","generated_at":"2026-04-22T17:45:32+00:00","cve":"CVE-2013-0287","urls":{"html":"https://cve.report/CVE-2013-0287","api":"https://cve.report/api/cve/CVE-2013-0287.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-0287","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-0287"},"summary":{"title":"CVE-2013-0287","description":"The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2013-03-21 16:55:00","updated_at":"2013-05-15 03:34:00"},"problem_types":["CWE-264"],"metrics":[],"references":[{"url":"http://rhn.redhat.com/errata/RHSA-2013-0663.html","name":"RHSA-2013:0663","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html","name":"[sssd-devel] 20130319 [SSSD] A security bug in SSSD 1.9 (CVE-2013-0287)","refsource":"MLIST","tags":[],"title":"404 Not Found","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/52722","name":"52722","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Security Advisory SA52722 - Red Hat update for sssd - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html","name":"openSUSE-SU-2013:0559","refsource":"SUSE","tags":[],"title":"openSUSE-SU-2013:0559-1: moderate: sssd: fixed some access control manag","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/52704","name":"52704","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Security Advisory SA52704 - SSSD Simple Access Provider "simple_deny_groups" Access Control Bypass Security Issue - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1028317","name":"1028317","refsource":"SECTRACK","tags":[],"title":"System Security Services Daemon (SSSD) Access Control Flaw Lets Remote Users Bypass Access Controls in Certain Configurations - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b","refsource":"CONFIRM","tags":["Patch"],"title":"Infrastructure/Fedorahosted-retirement - Fedora Project Wiki","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938","name":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938","refsource":"MISC","tags":[],"title":"910938 – (CVE-2013-0287) CVE-2013-0287 sssd: simple access provider flaw prevents intended ACL use when client to an AD provider","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/58593","name":"58593","refsource":"BID","tags":[],"title":"SSSD CVE-2013-0287 Remote Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-0287","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0287","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"287","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"fedoraproject","cpe5":"sssd","cpe6":"1.9.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2013-0287","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_affected":"=","version_value":"n/a"}]}}]}}]}},"references":{"reference_data":[{"url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938","refsource":"MISC","name":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93"},{"url":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1","refsource":"MISC","name":"http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1"},{"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html","refsource":"MISC","name":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html"},{"url":"http://rhn.redhat.com/errata/RHSA-2013-0663.html","refsource":"MISC","name":"http://rhn.redhat.com/errata/RHSA-2013-0663.html"},{"url":"http://secunia.com/advisories/52704","refsource":"MISC","name":"http://secunia.com/advisories/52704"},{"url":"http://secunia.com/advisories/52722","refsource":"MISC","name":"http://secunia.com/advisories/52722"},{"url":"http://securitytracker.com/id?1028317","refsource":"MISC","name":"http://securitytracker.com/id?1028317"},{"url":"http://www.securityfocus.com/bid/58593","refsource":"MISC","name":"http://www.securityfocus.com/bid/58593"},{"url":"https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html","refsource":"MISC","name":"https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html"}]}},"nvd":{"publishedDate":"2013-03-21 16:55:00","lastModifiedDate":"2013-05-15 03:34:00","problem_types":["CWE-264"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":4.9},"severity":"MEDIUM","exploitabilityScore":6.8,"impactScore":4.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:fedoraproject:sssd:1.9.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:fedoraproject:sssd:1.9.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:fedoraproject:sssd:1.9.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:fedoraproject:sssd:1.9.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:fedoraproject:sssd:1.9.4:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"287","Ordinal":"59431","Title":"CVE-2013-0287","CVE":"CVE-2013-0287","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"287","Ordinal":"1","NoteData":"The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.","Type":"Description","Title":null},{"CveYear":"2013","CveId":"287","Ordinal":"2","NoteData":"2013-03-21","Type":"Other","Title":"Published"},{"CveYear":"2013","CveId":"287","Ordinal":"3","NoteData":"2013-05-15","Type":"Other","Title":"Modified"}]}}}