4.9

CVE-2013-0287

EPSS 0.46%
Veröffentlicht 21.03.2013 16:55:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 19

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fedoraproject ≫ Sssd Version1.9.0

Fedoraproject ≫ Sssd Version1.9.1

Fedoraproject ≫ Sssd Version1.9.2

Fedoraproject ≫ Sssd Version1.9.3

Fedoraproject ≫ Sssd Version1.9.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.46%	0.614

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.9	6.8	4.9	AV:N/AC:M/Au:S/C:P/I:P/A:N

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb

Patch

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4

Patch

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef

Patch

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b

Patch

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5

Patch

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb

Patch

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93

Patch

http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1

Patch

http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html

http://rhn.redhat.com/errata/RHSA-2013-0663.html

http://secunia.com/advisories/52704

Vendor Advisory

http://secunia.com/advisories/52722

Vendor Advisory

http://securitytracker.com/id?1028317

http://www.securityfocus.com/bid/58593

https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html

https://nvd.nist.gov/vuln/detail/CVE-2013-0287

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-0287

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-0287

EUVD