The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00464.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Fedoraproject
  • Sssd
Redhat
  • Enterprise Linux

Configuration 1 [-]

OR cpe:2.3:a:fedoraproject:sssd:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:sssd:1.9.4:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 6
sssd-0:1.9.2-82.4.el6_4 cpe:/o:redhat:enterprise_linux:6 RHSA-2013:0663 2013-03-19T00:00:00Z

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2013-0308 The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended access restrictions.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=910938 cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=26590d31f492dbbd36be6d0bde46a4bd3b221edb cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6569d57e3bc168e6e83d70333b48c5cb43aa04c4 cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=6837eee3f7f81c0ee454d3718d67d7f3cc6b48ef cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=754b09b5444e6da88ed58d6deaed8b815e268b6b cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=7619be9f6bf649665fcbeee9e6b120f9f9cba2a5 cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=8b8019fe3dd1564fba657e219ec20ff816c7ffdb cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=b63830b142053f99bfe954d4be5a2b0f68ce3a93 cve-icon cve-icon
http://git.fedorahosted.org/cgit/sssd.git/patch/?id=c0bca1722d6f9dfb654ad78397be70f79ff39af1 cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2013-03/msg00115.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0663.html cve-icon cve-icon
http://secunia.com/advisories/52704 cve-icon cve-icon
http://secunia.com/advisories/52722 cve-icon cve-icon
http://securitytracker.com/id?1028317 cve-icon cve-icon
http://www.securityfocus.com/bid/58593 cve-icon cve-icon
https://lists.fedorahosted.org/pipermail/sssd-devel/2013-March/014066.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2013-0287 cve-icon
https://www.cve.org/CVERecord?id=CVE-2013-0287 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-06T14:18:09.867Z

Reserved: 2012-12-06T00:00:00

Link: CVE-2013-0287

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2013-03-21T16:55:02.557

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-0287

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-03-19T00:00:00Z

Links: CVE-2013-0287 - Bugzilla

cve-icon OpenCVE Enrichment

No data.