VYPR
Medium severity4.3NVD Advisory· Published Jul 27, 2018· Updated Jun 17, 2026

CVE-2017-12173

CVE-2017-12173

Description

It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.