DEBIAN-CVE-2023-3758

DEBIAN-CVE-2023-3758 PUBLISHED CVSS 7.099999904632568 HIGH

A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

Risk Scores

CVSS 3.1

7.099999904632568

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Debian:11	sssd	0, 2.4.1-2, 2.4.1-2
Debian:12	sssd	0, 2.8.2-4, 0
Debian:13	sssd	0, 0, 0
Debian:14	sssd	0

Timeline

Apr 18, 2024 CVE Published
May 10, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-3758 advisory

Open in Interactive Console →