3 matches found
CVE-2021-3784
creationtimestamp| type| source ---|---|--- 2023-10-04 20:12:05+00:00| seen| https://t.me/cibsecurity/71610...
CVE-2021-3784
Garuda Linux is affected by CVE-2021-3784 due to an insecure user creation/authentication flow: when creating a user via the Garuda Settings Manager, the process may leave the new account without a password for a brief window, enabling an attacker to authenticate as that user locally. The vulnera...
CVE-2021-3784 Garuda Linux Improper Authorization
Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings manager', an insecure procedure is performed that keeps the created user without an assigned password during some seconds. This...