CVE-2017-12173 : Security Advisory and Response
Discover the impact of CVE-2017-12173, a vulnerability in sssd before version 1.16.0 allowing for injection attacks. Learn about affected systems, exploitation, and mitigation steps.
A vulnerability was discovered in the function sysdb_search_user_by_upn_res() in sssd before version 1.16.0, allowing for injection attacks.
Understanding CVE-2017-12173
This CVE involves a vulnerability in the sssd software that could be exploited by an authenticated attacker to retrieve password hashes.
What is CVE-2017-12173?
The vulnerability in sssd's sysdb_search_user_by_upn_res() function before version 1.16.0 could be abused to obtain password hashes.
The Impact of CVE-2017-12173
- CVSS Base Score: 4.3 (Medium)
- Attack Vector: Network
- Attack Complexity: Low
- Confidentiality Impact: Low
- Integrity Impact: None
- Privileges Required: Low
- This vulnerability could lead to unauthorized access to password hashes.
Technical Details of CVE-2017-12173
The technical aspects of the vulnerability in sssd before version 1.16.0.
Vulnerability Description
The sysdb_search_user_by_upn_res() function in sssd did not properly sanitize requests, making it vulnerable to injection attacks.
Affected Systems and Versions
- Affected Product: sssd
- Vendor: SSSD
- Affected Version: 1.16.0
Exploitation Mechanism
- An authenticated attacker could exploit this weakness to obtain password hashes cached locally.
Mitigation and Prevention
Steps to mitigate and prevent exploitation of CVE-2017-12173.
Immediate Steps to Take
- Update sssd to version 1.16.0 or later to patch the vulnerability.
- Monitor for any unauthorized access attempts.
Long-Term Security Practices
- Implement strong authentication mechanisms.
- Regularly review and update security configurations.
Patching and Updates
- Apply security patches promptly to prevent exploitation of known vulnerabilities.