Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Desktop 12 SP4 package sssd, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2018-16838 — CVSS 5.4 (medium): A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings…
CVE-2019-3811 — CVSS 5.2 (medium): A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead…
CVE-2018-10852 — CVSS 3.8 (low): The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone…