Bug 1640820 (CVE-2018-16838) - CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions
Status: NEW
Alias: CVE-2018-16838
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=low,public=20190204,reported=2...
Keywords: Security
Depends On: 1660874 1669357 1712000
Blocks: 1640821
 
Reported: 2018-10-18 20:17 UTC by Laura Pardo
Modified: 2019-05-20 15:40 UTC

Description Laura Pardo 2018-10-18 20:17:18 UTC
A flaw was found in the sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to too strict permission settings on the server side, SSSD will allow all authenticated users to log in instead of denying access.

Comment 8 Cedric Buissart 🐶 2019-05-20 15:38:32 UTC
Upstream fix: https://pagure.io/SSSD/sssd/c/ad058011b6b75b15c674be46a3ae9b3cc5228175

