CVE-2021-3621

Description

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CVSS Metrics

• v3.1•HIGH•Score: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
• v2.0•HIGH•Score: 9.3AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.38%• Percentile: 60%

Techniques & Countermeasures

• CWE-77•Improper Neutralization of Special Elements used in a Command ('Command Injection')

  The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

• CWE-78•Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

  The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Affected Systems

• fedoraproject•fedora

  34

• fedoraproject•sssd

  2.6.0

• redhat•enterprise_linux

  6.0 | 7.0 | 8.0

• redhat•enterprise_linux_eus

  8.1 | 8.2

• redhat•enterprise_linux_server_aus

  8.2 | 8.4

• redhat•enterprise_linux_server_tus

  8.2 | 8.4

• redhat•virtualization

  4.0

• redhat•virtualization_host

  4.0

References (4)

• https://sssd.io/release-notes/sssd-2.6.0.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1975142
• https://lists.debian.org/debian-lts-announce/2023/05/msg00028.html
• https://lists.debian.org/debian-lts-announce/2025/02/msg00008.html