CVE-2021-3621

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-3621

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3621.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-3621

Downstream

DEBIAN-CVE-2021-3621

DLA-2758-1

DLA-3436-1

DLA-4047-1

OESA-2021-1340

RHSA-2021:3151

RHSA-2021:3178

RHSA-2021:3235

RHSA-2021:3336

RHSA-2021:3365

RHSA-2021:3477

SUSE-RU-2021:3185-1

SUSE-SU-2021:2873-1

SUSE-SU-2021:2941-1

SUSE-SU-2022:0826-1

SUSE-SU-2022:1258-1

SUSE-SU-2022:2763-1

UBUNTU-CVE-2021-3621

USN-5067-1

openSUSE-SU-2021:2941-1

openSUSE-SU-2024:13446-1

Related

Published

2021-12-23T21:15:08.920Z

Modified

2025-11-29T08:33:17.955173Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

References

Affected packages

Git / github.com/sssd/sssd

Affected ranges

Type: GIT
Repo: https://github.com/sssd/sssd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

bd71ae53fc0b4bf58633bfd957f7eb1745814dfa