PT-2026-56172 · Sssd · Sssd

Ian Murphy

·

Published

2026-07-07

·

Updated

2026-07-07

·

CVE-2026-14476

CVSS v3.1

8.0

High

VectorAV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions SSSD (affected versions not specified)
Description A path traversal flaw exists in the AD GPO provider of SSSD. The ad gpo extract smb components() function fails to sanitize .. sequences within the gPCFileSysPath LDAP attribute. This allows an attacker with AD GPO management access to write files outside the GPO cache directory with root privileges. In default RHEL configurations where SELinux is enforcing, this flaw can be exploited to inject Kerberos configuration, potentially resulting in an authentication bypass.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Relative Path Traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-14476

Affected Products

Sssd