Group Membership Bypass Vulnerability in SSSD 1.11.6

CVE-2014-0249 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:P/A:N

The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.

Learn more about our User Device Pen Test.