Lucene search
CanonicalCVELIST:CVE-2022-4964HistoryJan 24, 2024 - 12:58 a.m.
CVE-2022-4964
2024-01-2400:58:14
canonical
www.cve.org
4
ubuntu
pipewire-pulse
unauthorized access
microphone
snap interface
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
5.7
Confidence
High
EPSS
0
Percentile
15.5%
Ubuntu’s pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
CNA Affected
[
{
"packageName": "pipwire-pulse",
"product": "Ubuntu pipewire-pulse",
"vendor": "Canonical Ltd.",
"platforms": [
"Linux"
],
"versions": [
{
"status": "affected",
"version": "0"
}
]
}
]Related
cve
cve
CVE-2022-4964
2024-01-24 01:15:07
debiancve
debiancve
CVE-2022-4964
2024-01-24 01:15:07
nvd
nvd
CVE-2022-4964
2024-01-24 01:15:07
prion
prion
Authentication flaw
2024-01-24 01:15:00
veracode
veracode
Incorrect Default Permissions
2024-02-04 12:25:18
osv
osv
CVE-2022-4964
2024-01-24 01:15:07
redhatcve
redhatcve
CVE-2022-4964
2024-01-25 18:11:11
ubuntucve
ubuntucve
CVE-2022-4964
2024-01-23 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
5.7
Confidence
High
EPSS
0
Percentile
15.5%
Related for CVELIST:CVE-2022-4964