CVE-2023-3758

CVSS v3.1

7.1

High

Vector

AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions sssd (affected versions not specified)

Description A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. The exploitation of this issue may allow a remote attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Race Condition

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-285

Related Identifiers

ALSA-2024:2571

ALSA-2024:3270

ALT-PU-2024-14926

ALT-PU-2024-17440

ALT-PU-2025-1671

BDU:2024-04108

CESA-2024_3270

CVE-2023-3758

DLA-4047-1

INFSA-2024_2571

INFSA-2024_3270

MGASA-2024-0176

OESA-2024-1546

OESA-2024-1572

OESA-2024-1573

OPENSUSE-SU-2024_1549-1

OPENSUSE-SU-2024_1578-1

OPENSUSE-SU-2024_1579-1

RHSA-2024:1919

RHSA-2024:1920

RHSA-2024:1921

RHSA-2024:1922

RHSA-2024:2571

RHSA-2024:3270

RHSA-2024_2571

RHSA-2024_3270

RLSA-2024:2571

RLSA-2024:3270

SUSE-SU-2024:1549-1

SUSE-SU-2024:1563-1

SUSE-SU-2024:1577-1

SUSE-SU-2024:1578-1

SUSE-SU-2024:1579-1

SUSE-SU-2024:1941-1

SUSE-SU-2024_1549-1

SUSE-SU-2024_1563-1

SUSE-SU-2024_1577-1

SUSE-SU-2024_1578-1

SUSE-SU-2024_1579-1

SUSE-SU-2024_1941-1

SUSE-SU-2025:20131-1

USN-6836-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

Zvirt Node

Sssd

CVE-2023-3758

Weakness Enumeration

Related Identifiers

Affected Products

References · 82