Fedora SSSD - System Security Services Daemon 2.6.0
Approved changes feed: RSS · Atom
cpe:2.3:a:fedoraproject:sssd:2.6.0:*:*:*:*:*:*:*
part: a version: 2.6.0 update: *
| Vendor | Fedoraproject (edb280c5-6017-5a8b-8553-28ce724531a7) |
|---|---|
| Product | Sssd (b7a5aa9a-3cdc-5470-8c42-ec356f4f4e7e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/sssd |
purl2cpe | 2026-06-01 10:15:31.032907 |
pkg:deb/ubuntu/sssd |
purl2cpe | 2026-06-01 10:15:31.032908 |
pkg:github/sssd/sssd |
purl2cpe | 2026-06-01 10:15:31.032909 |
pkg:rpm/fedora/sssd |
purl2cpe | 2026-06-01 10:15:31.032911 |
pkg:rpm/opensuse/sssd |
purl2cpe | 2026-06-01 10:15:31.032912 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-3621 |
vulnerable | 2026-06-03 14:45:12.198713 |
Details available
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Published: 2021-12-23T00:00:00.000Z
Updated: 2025-11-03T20:33:46.999Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.