CVE-2023-7090

Summary

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them.

Affected Software

VendorProductVersion RangeStatus
n/asudo1.8.28unaffected

Weaknesses

  • CWE-269: Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References