Test ID:	1.3.6.1.4.1.25623.1.1.2.2024.1847
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2024-1847)
Summary:	The remote host is missing an update for the Huawei EulerOS 'sssd' package(s) announced via the EulerOS-SA-2024-1847 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'sssd' package(s) announced via the EulerOS-SA-2024-1847 advisory. Vulnerability Insight: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.(CVE-2023-3758) Affected Software/OS: 'sssd' package(s) on Huawei EulerOS V2.0SP11(x86_64). Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:A/AC:H/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-3758 RHBZ#2223762 https://bugzilla.redhat.com/show_bug.cgi?id=2223762 RHSA-2024:1919 https://access.redhat.com/errata/RHSA-2024:1919 RHSA-2024:1920 https://access.redhat.com/errata/RHSA-2024:1920 RHSA-2024:1921 https://access.redhat.com/errata/RHSA-2024:1921 RHSA-2024:1922 https://access.redhat.com/errata/RHSA-2024:1922 RHSA-2024:2571 https://access.redhat.com/errata/RHSA-2024:2571 RHSA-2024:3270 https://access.redhat.com/errata/RHSA-2024:3270 https://access.redhat.com/security/cve/CVE-2023-3758 https://github.com/SSSD/sssd/pull/7302 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RV3HIZI3SURBUQKSOOL3XE64OOBQ2HTK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XEP62IDS7A55D5UHM6GH7QZ7SQFOAPVF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XMORAO2BDDA5YX4ZLMXDZ7SM6KU47SY5/
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.