Lucene search

[email protected]CVE-2015-1319

HistorySep 17, 2015 - 4:59 p.m.

CVE-2015-1319

2015-09-1716:59:00

CWE-20

[email protected]

web.nvd.nist.gov

unity settings daemon

cve-2015-1319

screen lock detection

physical proximity attack

removable media

nvd

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

12.0%

JSON

The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04.20150408-0ubuntu1.2 does not properly detect if the screen is locked, which allows physically proximate attackers to mount removable media while the screen is locked as demonstrated by inserting a USB thumb drive.

CPENameOperatorVersion
canonical:ubuntu_linuxcanonical ubuntu linuxeq14.04
canonical:ubuntu_linuxcanonical ubuntu linuxeq15.04

CPE	Name	Operator	Version
canonical:ubuntu_linux	canonical ubuntu linux	eq	14.04
canonical:ubuntu_linux	canonical ubuntu linux	eq	15.04

References

www.ubuntu.com/usn/USN-2741-1

bugs.launchpad.net/ubuntu/%2Bsource/unity/%2Bbug/1438870

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

12.0%

JSON

Related for CVE-2015-1319

nessus1 securityvulns2 openvas1 ubuntucve1 prion1 ubuntu1