Podatność CVE-2022-4254
Publikacja: 2023-02-01

Opis:
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

Typ:

CWE-90

 (Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection'))

 Referencje:
https://access.redhat.com/security/cve/CVE-2022-4254
https://github.com/SSSD/sssd/issues/5135
https://bugzilla.redhat.com/show_bug.cgi?id=2149894
https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274
Copyright 2024, cxsecurity.com

 

Back to Top