Veracode Vulnerability DatabaseVERACODE:22847Authentication Bypass
4.3 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
gnome-shell is vulnerable to authentication bypass. The vulnerability exists as it was possible to bypass a partial lock screen.
References
lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html
lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1021
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1421231
bugzilla.redhat.com/show_bug.cgi?id=1474305
bugzilla.redhat.com/show_bug.cgi?id=1506370
bugzilla.redhat.com/show_bug.cgi?id=1547158
bugzilla.redhat.com/show_bug.cgi?id=1556776
bugzilla.redhat.com/show_bug.cgi?id=1556800
bugzilla.redhat.com/show_bug.cgi?id=1583836
bugzilla.redhat.com/show_bug.cgi?id=1607839
bugzilla.redhat.com/show_bug.cgi?id=1624461
bugzilla.redhat.com/show_bug.cgi?id=1630686
bugzilla.redhat.com/show_bug.cgi?id=1632904
bugzilla.redhat.com/show_bug.cgi?id=1638727
bugzilla.redhat.com/show_bug.cgi?id=1646345
bugzilla.redhat.com/show_bug.cgi?id=1657887
bugzilla.redhat.com/show_bug.cgi?id=1672289
bugzilla.redhat.com/show_bug.cgi?id=1674534
bugzilla.redhat.com/show_bug.cgi?id=1678448
bugzilla.redhat.com/show_bug.cgi?id=1687745
bugzilla.redhat.com/show_bug.cgi?id=1691197
bugzilla.redhat.com/show_bug.cgi?id=1691474
bugzilla.redhat.com/show_bug.cgi?id=1702417
bugzilla.redhat.com/show_bug.cgi?id=1720286
bugzilla.redhat.com/show_bug.cgi?id=1721562
bugzilla.redhat.com/show_bug.cgi?id=1723283
bugzilla.redhat.com/show_bug.cgi?id=1728761
bugzilla.redhat.com/show_bug.cgi?id=1737367
bugzilla.redhat.com/show_bug.cgi?id=1737369
bugzilla.redhat.com/show_bug.cgi?id=1737515
bugzilla.redhat.com/show_bug.cgi?id=1741274
bugzilla.redhat.com/show_bug.cgi?id=1743913
bugzilla.redhat.com/show_bug.cgi?id=1749325
bugzilla.redhat.com/show_bug.cgi?id=1750807
bugzilla.redhat.com/show_bug.cgi?id=1752357
bugzilla.redhat.com/show_bug.cgi?id=1752367
bugzilla.redhat.com/show_bug.cgi?id=1752378
bugzilla.redhat.com/show_bug.cgi?id=1752547
bugzilla.redhat.com/show_bug.cgi?id=1753799
bugzilla.redhat.com/show_bug.cgi?id=1766501
bugzilla.redhat.com/show_bug.cgi?id=1772896
bugzilla.redhat.com/show_bug.cgi?id=1778270
bugzilla.redhat.com/show_bug.cgi?id=1789491
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820
gitlab.gnome.org/GNOME/gnome-shell/issues/851
usn.ubuntu.com/3966-1/
Related
4.3 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P