Unrated severityNVD Advisory· Published Jun 11, 2014· Updated Jun 17, 2026
CVE-2014-0249
CVE-2014-0249
Description
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:a:fedoraproject:sssd:1.11.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- osv-coords5 versionspkg:rpm/opensuse/sssd&distro=openSUSE%20Tumbleweedpkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 1.14.2-3.1+ 4 more
- (no CPE)range: < 1.14.2-3.1
- (no CPE)range: < 1.11.5.1-28.1
- (no CPE)range: < 1.11.5.1-28.1
- (no CPE)range: < 1.11.5.1-28.1
- (no CPE)range: < 1.11.5.1-28.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.