Skip to content

security advisory CVE 2023 34060

Jump to bottom
Siju Maliakkal edited this page Nov 14, 2023 · 3 revisions

[Critical] Photon OS Security Advisory

Summary

Advisory ID: PHSA-2023-CVE-2023-34060
Type : Security
Severity : Critical
Issued on : 2023-11-14
Affected versions : 3.0,4.0,5.0

Description

sssd package installation adds several unsafe options into pam.d configuration files by default.
These unsafe options can give an attacker unauthorized access to systems.

Affected Packages:

[Critical]

sssd - CVE-2023-34060

Resolution

This is a known issue of sssd. Users must check PAM configuration files for safety.

Workaround

Check configuration files system-account, system-auth, system-password, system-session in /etc/pam.d directory.
If 'sufficient' option found, change it to 'required' for pam_unix.so line.

Home | Download Photon OS | Documentation | VMware on GitHub

Clone this wiki locally