Bug 1640820 (CVE-2018-16838) - CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions
Status: NEW
Alias: CVE-2018-16838
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Red Hat Product Security
Whiteboard: impact=low,public=20190204,reported=2...
Keywords: Security
Depends On: 1660874 1669357
Blocks: 1640821
Reported: 2018-10-18 20:17 UTC by Laura Pardo
Modified: 2019-02-05 16:52 UTC (History)

Description Laura Pardo 2018-10-18 20:17:18 UTC
A flaw was found in the sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to too strict permission settings on the server side, SSSD will allow all authenticated users to log in instead of denying access.