CVE-2017-7488
Description
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.208
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2017:2285) Moderate: authconfig security, bug fix, and enhancement update authconfig-6.2.8-30.el7.x86_64.rpm | Linux |
| (RHSA-2017:2285) Moderate: authconfig security, bug fix, and enhancement update authconfig-gtk-6.2.8-30.el7.x86_64.rpm | Linux |
| Authconfig update (ELSA-2017-2285) authconfig-6.2.8-30.el7.x86_64.rpm | Linux |
| Authconfig-gtk update (ELSA-2017-2285) authconfig-gtk-6.2.8-30.el7.x86_64.rpm | Linux |
| (CESA-2017:2285) Moderate: authconfig security, bug fix, and enhancement update authconfig-6.2.8-30.el7.x86_64.rpm | Linux |
| (CESA-2017:2285) Moderate: authconfig security, bug fix, and enhancement update authconfig-gtk-6.2.8-30.el7.x86_64.rpm | Linux |
| (RHSA-2017:2285)Moderate: security, bug fix, and enhancement update authconfig-debuginfo-6.2.8-30.el7.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234