ROSA LABROSA-SA-2021-1846Advisory ROSA-SA-2021-1846
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
44.8%
Software: gnome-shell 3.28.3
OS: Cobalt 7.9
CVE-ID: CVE-2020-17489
CVE-Crit: MEDIUM
CVE-DESC: A problem was found in some GNOME gnome-shell configurations through 3.36.4. When logging out of an account, the password field in the login dialog box reappears, but the password is still displayed. If the user chose to have the password displayed in plain text while logged in, the password will be visible for a short time after logging out. (If the password has never been displayed in plain text, only the length of the password is displayed.)
CVE-STATUS: default
CVE-REV: default
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
44.8%