2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
12.8%
Software: accountservice 0.6.50
OS: Cobalt 7.9
CVE-ID: CVE-2020-16126
CVE-Crit: LOW
CVE-DESC: Ubuntu-specific modification of AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, incorrectly removed ruid, allowing untrusted users to send signals to AccountsService, thus preventing them from processing D-Bus messages.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2020-16127
CVE-Crit: MEDIUM
CVE-DESC: Ubuntu-specific modification to AccountsService in versions prior to 0.6.55-0ubuntu13.2, among other earlier versions, will perform unrestricted read operations on user-managed ~ / .pam_environment files, allowing an infinite loop to be created if / dev / null is bound to that location.
CVE-STATUS: default
CVE-REV: default
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Cobalt | any | noarch | accountservice | < 0.6.50 | UNKNOWN |
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
12.8%