Home

CVE-2018-16838

Description

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.966

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libipa_hbac0-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libipa_hbac0-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_idmap0-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_idmap0-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_nss_idmap0-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_nss_idmap0-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_sudo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsss_sudo-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-sssd-config-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) python-sssd-config-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ad-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ad-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-debugsource-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ipa-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ipa-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-common-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-common-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-krb5-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ldap-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-ldap-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-proxy-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-proxy-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-tools-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1477-1(SUSE Linux Enterprise Desktop 12-SP3 ) sssd-tools-debuginfo-1.13.4-34.37.1.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libipa_hbac0-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libipa_hbac0-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_certmap0-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_certmap0-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_idmap0-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_idmap0-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_nss_idmap0-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_nss_idmap0-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_simpleifp0-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) libsss_simpleifp0-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) python-sssd-config-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) python-sssd-config-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-32bit-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ad-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ad-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-debuginfo-32bit-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-debugsource-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ipa-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ipa-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-common-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-common-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-krb5-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ldap-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-ldap-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-proxy-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-proxy-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-tools-1.16.1-4.12.2.x86_64.rpmLinux
SUSE-SU-2019:1480-1(SUSE Linux Enterprise Desktop 12-SP4 ) sssd-tools-debuginfo-1.16.1-4.12.2.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libipa_hbac-2.2.0-19.el8.i686.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libipa_hbac-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_autofs-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_certmap-2.2.0-19.el8.i686.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_certmap-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_idmap-2.2.0-19.el8.i686.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_idmap-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_nss_idmap-2.2.0-19.el8.i686.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_nss_idmap-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_simpleifp-2.2.0-19.el8.i686.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_simpleifp-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update libsss_sudo-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update python3-libipa_hbac-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update python3-libsss_nss_idmap-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update python3-sss-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update python3-sss-murmur-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update python3-sssdconfig-2.2.0-19.el8.noarch.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-ad-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-client-2.2.0-19.el8.i686.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-client-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-common-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-common-pac-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-dbus-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-debugsource-2.2.0-19.el8.i686.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-debugsource-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-ipa-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-kcm-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-krb5-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-krb5-common-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-ldap-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-libwbclient-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-nfs-idmap-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-polkit-rules-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-proxy-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-tools-2.2.0-19.el8.x86_64.rpmLinux
(RHSA-2019:3651) sssd security, bug fix, and enhancement update sssd-winbind-idmap-2.2.0-19.el8.x86_64.rpmLinux
System Security Services Daemon (USN-5067-1) sssd_2.2.3-3ubuntu0.8_amd64.debLinux
System Security Services Daemon (USN-5067-1) sssd_2.4.0-1ubuntu6.1_amd64.debLinux
System Security Services Daemon (USN-5067-1) sssd_1.16.1-1ubuntu1.8_i386.debLinux
System Security Services Daemon (USN-5067-1) sssd_1.16.1-1ubuntu1.8_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234