A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
References
Configurations
History
29 May 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-269 | |
References |
|
13 Feb 2023, 04:51
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access. | |
CWE | CWE-284 |
02 Feb 2023, 21:18
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions | |
References |
|
Information
Published : 2019-03-25 18:29
Updated : 2023-12-10 12:59
NVD link : CVE-2018-16838
Mitre link : CVE-2018-16838
CVE.ORG link : CVE-2018-16838
JSON object : View
Products Affected
fedoraproject
- sssd
redhat
- enterprise_linux