Описание
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | ibus-anthy | Not affected | ||
| Red Hat Enterprise Linux 6 | ibus-chewing | Not affected | ||
| Red Hat Enterprise Linux 6 | ibus-pinyin | Not affected | ||
| Red Hat Enterprise Linux 7 | ibus-chewing | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
1.9 Low
CVSS2
Связанные уязвимости
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlie ...
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate attackers to obtain a user password by reading the lockscreen.
EPSS
1.9 Low
CVSS2