ГлавнаяУязвимости → CVE-2023-3758
7.1высокая

CVE-2023-3758

Описание

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

Затрагиваемое ПО
Fedoraproject SssdRedhat Codeready linux builderRedhat Codeready linux builder eusRedhat Codeready linux builder for arm64Redhat Codeready linux builder for arm64 eusRedhat Codeready linux builder for ibm z systemsRedhat Codeready linux builder for ibm z systems eusRedhat Codeready linux builder for power little endianRedhat Codeready linux builder for power little endian eusRedhat Virtualization hostRedhat Enterprise linuxRedhat Enterprise linux eusRedhat Enterprise linux for arm 64Redhat Enterprise linux for arm 64 eusRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endianRedhat Enterprise linux for power little endian eusRedhat Enterprise linux server ausRedhat Enterprise linux server for power little endian update services for sap solutionsRedhat Enterprise linux server tusRedhat Enterprise linux update services for sap solutionsFedoraproject Fedora
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2024:1919https://access.redhat.com/errata/RHSA-2024:1920https://access.redhat.com/errata/RHSA-2024:1921https://access.redhat.com/errata/RHSA-2024:1922https://access.redhat.com/errata/RHSA-2024:2571https://access.redhat.com/errata/RHSA-2024:3270https://access.redhat.com/security/cve/CVE-2023-3758https://bugzilla.redhat.com/show_bug.cgi?id=2223762