Lucene search

Veracode Vulnerability DatabaseVERACODE:35098

HistoryApr 14, 2022 - 7:48 a.m.

Authentication Bypass

2022-04-1407:48:19

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

usbguard

vulnerability

authentication bypass

usb devices

unprivileged user

usbguard-dbus

EPSS

0.001

Percentile

36.8%

JSON

USBGuard is vulnerable to Authentication Bypass. The vulnerability exists on systems with the usbguard-dbus daemon running which allows an unprivileged user to make USBGuard allowing all USB devices to be connected in the future.

References

github.com/USBGuard/usbguard/issues/273

github.com/USBGuard/usbguard/issues/403

github.com/USBGuard/usbguard/pull/531

lists.debian.org/debian-lts-announce/2022/04/msg00010.html

lists.fedoraproject.org/archives/list/[email protected]/message/B2ET6DU4IA64M6TMQ4X3SG2L6TRPLDN6/

lists.fedoraproject.org/archives/list/[email protected]/message/B3HQVTHHJFQLSWSXA7W3ZHRF72YMPI46/

lists.fedoraproject.org/archives/list/[email protected]/message/D4QO5J5YEWVX27QXYOGL3BDRV3KXNRQI/

security-tracker.debian.org/tracker/CVE-2019-25058

EPSS

0.001

Percentile

36.8%

JSON

Related for VERACODE:35098