What is CVE-2019-3811?

CVE-2019-3811 is a medium-severity vulnerability in The Sssd Project, classified under Information Disclosure. CVSS score: 5.2/10. Published 2019-01-15.

How severe is CVE-2019-3811?

Medium severity. CVSS v3 base score is 5.2 out of 10.

Information disclosure in The Sssd Project

CVE-2019-3811

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's fi…

Vulnerability class: Information Disclosure

EPSS: 0.007 (48.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.2 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H.

Affected products

The Sssd Project — versions 2.1
Debian Debian_linux — versions 8.0
Fedoraproject Fedora
Fedoraproject Sssd
Opensuse Leap — versions 15.0, 42.3
Redhat Enterprise_linux — versions 7.0

Weakness classification (CWE)

References

secalert@redhat.com (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
secalert@redhat.com (vdb-entry, Broken Link, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Issue Tracking, Vendor Advisory)
secalert@redhat.com (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
secalert@redhat.com (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
secalert@redhat.com

Frequently asked questions

What is CVE-2019-3811?: CVE-2019-3811 is a medium-severity vulnerability in The Sssd Project, classified under Information Disclosure. CVSS score: 5.2/10. Published 2019-01-15.
How severe is CVE-2019-3811?: Medium severity. CVSS v3 base score is 5.2 out of 10.