Description
A flaw was found in the integration of Active Directory (AD) with the System Security Services Daemon (SSSD) on Linux systems. In default configurations the Kerberos localauth plugin shipped by SSSD (sssd_krb5_localauth_plugin) is enabled, but when that plugin does not map a principal, the Kerberos library can fall back to its built-in an2ln module. That fallback lets an attacker who has permission to modify certain AD attributes (such as userPrincipalName or sAMAccountName) impersonate privileged users, potentially gaining unauthorized access or escalating privileges on domain-joined Linux hosts.
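The practical question for a defender is whether a given host still allows the fallback described above. The script below is an added example written for this page, not SSSD or MIT Kerberos project code. It parses the `localauth = { ... }` block of the `[plugins]` section in a krb5.conf (constructed samples are embedded) and reports whether the SSSD plugin is registered and whether the localauth interface has been limited to it with krb5's documented `[plugins]` `enable_only` setting, so that no built-in module such as an2ln is loaded to fall back to. Treating `enable_only = sssd` as the hardening to look for is an assumption drawn from the description; confirm the exact remediation for your release against the vendor advisory.

```python
"""Audit the localauth plugin configuration in a krb5.conf for the an2ln fallback.

Added example, not SSSD or MIT Kerberos project code. The krb5.conf samples
below are constructed. Checking for `enable_only = sssd` as the hardening is an
assumption drawn from the advisory description (if only the sssd module is
enabled for the localauth interface there is no built-in module to fall back
to); verify against your vendor's advisory.
"""
import re
from dataclasses import dataclass, field

SSSD_PLUGIN = "sssd_krb5_localauth_plugin.so"


@dataclass
class LocalauthConfig:
    modules: dict = field(default_factory=dict)   # module name -> shared object path
    enable_only: list = field(default_factory=list)


def parse_localauth(text: str) -> LocalauthConfig:
    """Pull the `localauth = { ... }` block out of the [plugins] section.

    krb5.conf is INI-like, but subsections are brace blocks, so configparser
    cannot be used directly; a small targeted parse is enough for this check.
    includedir directives are not followed.
    """
    cfg = LocalauthConfig()
    section = re.search(r"^\s*\[plugins\](.*?)(?=^\s*\[|\Z)", text, re.S | re.M)
    if not section:
        return cfg
    block = re.search(r"localauth\s*=\s*\{(.*?)\}", section.group(1), re.S)
    if not block:
        return cfg
    for raw in block.group(1).splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and padding
        if "=" not in line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if key == "module":
            # krb5 module syntax is "<name>:<path to shared object>"
            name, _, path = value.partition(":")
            cfg.modules[name.strip()] = path.strip()
        elif key == "enable_only":
            cfg.enable_only.append(value)
    return cfg


def assess(cfg: LocalauthConfig):
    """Return (status, reason) for a parsed localauth configuration."""
    sssd = {n for n, p in cfg.modules.items() if p.endswith(SSSD_PLUGIN)}
    if not sssd:
        return ("no-sssd-plugin",
                "sssd localauth plugin not registered; krb5 built-in mapping handles all principals")
    if cfg.enable_only and set(cfg.enable_only) <= sssd:
        return ("restricted",
                "enable_only limits localauth to the sssd module; nothing is loaded to fall back to")
    return ("fallback-possible",
            "sssd plugin registered but built-in localauth modules (e.g. an2ln) remain enabled")


def audit_krb5_conf(text: str) -> str:
    """Convenience wrapper returning only the status string."""
    return assess(parse_localauth(text))[0]


# Constructed samples for this example. The shared object path is the usual
# RHEL/Fedora location; adjust for other distributions.
DEFAULT_STYLE = """\
[libdefaults]
    default_realm = EXAMPLE.COM

[plugins]
    localauth = {
        module = sssd:/usr/lib64/sssd/modules/sssd_krb5_localauth_plugin.so
    }
"""

# Same block with the localauth interface restricted to the sssd module only.
RESTRICTED = DEFAULT_STYLE.replace("    }\n", "        enable_only = sssd\n    }\n")

NO_PLUGIN = "[libdefaults]\n    default_realm = EXAMPLE.COM\n"

if __name__ == "__main__":
    for label, conf in (("default", DEFAULT_STYLE), ("restricted", RESTRICTED), ("no plugin", NO_PLUGIN)):
        status, reason = assess(parse_localauth(conf))
        print(f"{label:10s} {status:18s} {reason}")
```

On a domain-joined host the localauth block is typically not in /etc/krb5.conf itself but in a file SSSD writes under /var/lib/sss/pubconf/krb5.include.d/ and pulls in through an includedir line; the parser above does not follow includes, so feed it that file directly or the concatenation of krb5.conf and its includes.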
Scores
CVSS v3.1 base score: 8.8 (High)
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
EPSS: 0.0005 (estimated probability of exploitation activity in the next 30 days)
EPSS percentile: 16.7%
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-269 (Improper Privilege Management)
Status: published
Products (30)
Each entry lists the product and, where given, the fixed sssd package version (NEVR) or the fixed container image digest.
Red Hat Ceph Storage 7: image sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631
Red Hat Ceph Storage 7: image sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2
Red Hat Ceph Storage 8: image sha256:04a48d31f7336e0d5958eed1ddb1a117148f791baccef4e6e08943181e6794c8
Red Hat Enterprise Linux 10: 0:2.10.2-3.el10_0.3
Red Hat Enterprise Linux 10: 0:2.11.1-2.el10_1.1
Red Hat Enterprise Linux 6: no fixed version listed
Red Hat Enterprise Linux 7 Extended Lifecycle Support: 0:1.16.5-10.el7_9.17
Red Hat Enterprise Linux 8: 0:2.9.4-5.el8_10.3
Red Hat Enterprise Linux 8.2 Advanced Update Support: 0:2.2.3-20.el8_2.3
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support: 0:2.4.0-9.el8_4.4
... and 20 more
Published: Oct 09, 2025
Tracked Since: Feb 18, 2026