Linux-PAM up to 1.5.2-6.0 on openSUSE SSH Login pam_access.so improper authentication
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
7.9 | $0-$5k | 0.00 |
A vulnerability has been found in Linux-PAM up to 1.5.2-6.0 on openSUSE and classified as critical. Affected by this vulnerability is an unknown function of the file pam_access.so of the component SSH Login Handler. The manipulation with an unknown input leads to a improper authentication vulnerability. The CWE definition for the vulnerability is CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
The weakness was presented 09/20/2022. It is possible to read the advisory at bugzilla.suse.com. This vulnerability is known as CVE-2022-28321 since 04/01/2022. Technical details of the vulnerability are known, but there is no available exploit.
Upgrading to version 1.5.2-6.1 eliminates this vulnerability. The upgrade is hosted for download at download.opensuse.org.
Product
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.0VulDB Meta Temp Score: 7.9
VulDB Base Score: 6.3
VulDB Temp Score: 6.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 9.8
NVD Vector: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Improper authenticationCWE: CWE-287
ATT&CK: Unknown
Local: No
Remote: Partially
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Linux-PAM 1.5.2-6.1
Timeline
04/01/2022 🔍09/20/2022 🔍
09/20/2022 🔍
10/20/2022 🔍
Sources
Advisory: bugzilla.suse.comStatus: Confirmed
Confirmation: 🔍
CVE: CVE-2022-28321 (🔍)
Entry
Created: 09/20/2022 07:56Updated: 10/20/2022 19:24
Changes: 09/20/2022 07:56 (43), 10/20/2022 19:24 (11)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.