Known Vulnerabilities for Sssd by Fedoraproject
Listed below are 10 of the newest known vulnerabilities associated with "Sssd" by "Fedoraproject".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-3811 | A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root direc... | 5.2 - MEDIUM | 2019-01-15 | 2023-05-29 |
| CVE-2018-16883 | sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" co... | 5.5 - MEDIUM | 2018-12-19 | 2019-10-09 |
| CVE-2018-16838 | A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permis... | 5.4 - MEDIUM | 2019-03-25 | 2023-05-29 |
| CVE-2018-10852 | The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which mea... | 7.5 - HIGH | 2018-06-26 | 2019-10-09 |
| CVE-2017-12173 | It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its lo... | 8.8 - HIGH | 2018-07-27 | 2019-10-09 |
| CVE-2015-5292 | Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Da... | 6.8 - MEDIUM | 2015-10-29 | 2023-02-13 |
| CVE-2014-0249 | The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a ... | 3.3 - LOW | 2014-06-11 | 2019-04-22 |
| CVE-2013-0287 | The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider ... | 4.9 - MEDIUM | 2013-03-21 | 2013-05-15 |
| CVE-2013-0220 | The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and... | 5 - MEDIUM | 2013-02-24 | 2023-02-13 |
| CVE-2013-0219 | System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tr... | 3.7 - LOW | 2013-02-24 | 2023-02-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Fedoraproject | Sssd | 2.1 | All | All | All |
| Application | Fedoraproject | Sssd | 2.0.0 | All | All | All |
| Application | Fedoraproject | Sssd | 1.9.4 | All | All | All |
| Application | Fedoraproject | Sssd | 1.9.3 | All | All | All |
| Application | Fedoraproject | Sssd | 1.9.2 | All | All | All |
| Application | Fedoraproject | Sssd | 1.9.1 | All | All | All |
| Application | Fedoraproject | Sssd | 1.9.0 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.6 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.5 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.4 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.3 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.2 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.1 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.0 | All | All | All |
| Application | Fedoraproject | Sssd | 1.8.0 | beta1 | All | All |
| Application | Fedoraproject | Sssd | 1.8.0 | beta2 | All | All |
| Application | Fedoraproject | Sssd | 1.8.0 | beta3 | All | All |
| Application | Fedoraproject | Sssd | 1.7.0 | All | All | All |
| Application | Fedoraproject | Sssd | 1.6.4 | All | All | All |
| Application | Fedoraproject | Sssd | 1.6.3 | All | All | All |