CVE-2025-11561 in Red Hat정보

요약

\~에 의해 MITRE • 2025. 10. 09.

A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users, potentially resulting in unauthorized access or privilege escalation on domain-joined Linux hosts.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

책임이 있는

Redhat

예약하다

2025. 10. 09.

모더레이션

수락

항목

VDB-327761

EPSS

0.00756

출처

Want to stay up to date on a daily basis?

Enable the mail alert feature now!