{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T00:35:07.283","vulnerabilities":[{"cve":{"id":"CVE-2023-7090","sourceIdentifier":"secalert@redhat.com","published":"2023-12-23T23:15:07.560","lastModified":"2024-11-21T08:45:13.663","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd.conf was not propagated in sudo. Therefore, it leads to privilege mismanagement vulnerability in applications, where client hosts retain privileges even after retracting them."},{"lang":"es","value":"Se encontró una falla en sudo en el manejo de ipa_hostname, donde ipa_hostname de /etc/sssd/sssd.conf no se propagó en sudo. Por lo tanto, genera una vulnerabilidad de mala gestión de privilegios en las aplicaciones, donde los hosts de los clientes conservan los privilegios incluso después de retirarlos."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*","versionEndExcluding":"1.8.28","matchCriteriaId":"07F52D32-AC76-42B8-B59F-57D5E36010CB"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2023-7090","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255723","source":"secalert@redhat.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00002.html","source":"secalert@redhat.com"},{"url":"https://security.netapp.com/advisory/ntap-20240208-0001/","source":"secalert@redhat.com"},{"url":"https://www.sudo.ws/releases/legacy/#1.8.28","source":"secalert@redhat.com","tags":["Release Notes"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-7090","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255723","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00002.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20240208-0001/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.sudo.ws/releases/legacy/#1.8.28","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]}]}}]}