CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
EPSS
Percentile
12.7%
GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the “face browser” feature is
enabled, allows local users to access the “Configure Login Manager”
functionality using their own password instead of the root password, which
can be leveraged to gain additional privileges.