fedoraproject sssd CVE-2018-16838 vulnerability in Fedora Project and Other Products
Published on March 25, 2019

product logo product logo product logo
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Weakness Type

What is an Authorization Vulnerability?

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2018-16838 has been classified to as an Authorization vulnerability or weakness.


Products Associated with CVE-2018-16838

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-16838 are published in these products:

Fedora Project Sssd
 
Red Hat Enterprise Linux (RHEL)
 
Red Hat Virtualization
 
Canonical Ubuntu Linux
 

Affected Versions

[UNKNOWN] sssd Version n/a is affected by CVE-2018-16838

Exploit Probability

EPSS
0.97%
Percentile
76.23%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.