Vulnerability Description
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Enterprise Linux Desktop | 6.0 |
| Redhat | Enterprise Linux Server | 6.0 |
| Redhat | Enterprise Linux Server Aus | 7.4 |
| Redhat | Enterprise Linux Server Eus | 7.4 |
| Redhat | Enterprise Linux Workstation | 6.0 |
| Fedoraproject | Sssd | < 1.16.0 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2017:3379Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:1877Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173Issue TrackingPatchVendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3379Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:1877Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12173Issue TrackingPatchVendor Advisory
FAQ
What is CVE-2017-12173?
CVE-2017-12173 is a vulnerability with a CVSS score of 4.3 (MEDIUM). It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environme...
How severe is CVE-2017-12173?
CVE-2017-12173 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-12173?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus, Redhat Enterprise Linux Workstation.