CVE-2020-14391

Опубликовано: 08 фев. 2021

Источник: ubuntu

Приоритет: negligible

EPSS Низкий

CVSS2: 2.1

CVSS3: 5.5

Описание

A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality.

Релиз	Статус	Примечание
bionic	not-affected	code not present
devel	not-affected	code not present
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
focal	not-affected	code not present
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 7%

0.0003

Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2020-14391

CVSS3: 5

redhat

почти 5 лет назад

CVE-2020-14391

CVSS3: 5.5

nvd

больше 4 лет назад

CVE-2020-14391

CVSS3: 5.5

debian

больше 4 лет назад

A flaw was found in the GNOME Control Center in Red Hat Enterprise Lin ...

GHSA-95g9-pcvg-9462

CVSS3: 5.5

github

около 3 лет назад

ELSA-2020-4451

oracle-oval

больше 4 лет назад

ELSA-2020-4451: GNOME security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 7%

0.0003

Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

CVE-2020-14391

Описание

Пакет gnome-settings-daemon

Ссылки на источники

Связанные уязвимости