CyberRota
← Ana sayfaya dön

CVE-2026-14474

HIGH · CVSS 8.8

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-07T10:16:39.870 · Çekilme zamanı: 2026-07-07T12:08:23.713349+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-14474
Severity
HIGH
CVSS
8.8
EPSS
Yok

Orijinal NVD Açıklaması

A flaw was found in SSSD's LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo privileges on all SSSD-enrolled hosts.