VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-68qt-2ghp-dba7

Vulnerability ID	VCID-68qt-2ghp-dba7
Aliases	CVE-2010-2940
Summary	sssd: allows null password entry to authenticate against LDAP
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-284	Improper Access Control
CWE-287	Improper Authentication

System	Score	Found at
epss	0.00111	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00111	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00111	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00111	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00111	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00111	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00111	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00237	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00237	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00237	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00237	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00237	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00237	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
epss	0.00237	https://api.first.org/data/v1/epss?cve=CVE-2010-2940
cvssv2	5.1	https://nvd.nist.gov/vuln/detail/CVE-2010-2940

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2940.json
		https://api.first.org/data/v1/epss?cve=CVE-2010-2940
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2940
		http://secunia.com/advisories/41159
		https://exchange.xforce.ibmcloud.com/vulnerabilities/61399
594413		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594413
625189		https://bugzilla.redhat.com/show_bug.cgi?id=625189
cpe:2.3:a:fedoraproject:sssd:1.3.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fedoraproject:sssd:1.3.0:::::::*
CVE-2010-2940		https://nvd.nist.gov/vuln/detail/CVE-2010-2940

No exploits are available.

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2010-2940

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Exploit Prediction Scoring System (EPSS)

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T14:57:06.405494+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2940.json	38.0.0