A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access. CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2018-16838 User=admin}