VYPR
Low severity3.8NVD Advisory· Published Jun 26, 2018· Updated Jun 17, 2026

CVE-2018-10852

CVE-2018-10852

Description

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.