CVE-2020-17489
Description
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.)
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.149
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| graphical shell for the GNOME desktop (USN-4464-1) gnome-shell_3.36.4-1ubuntu1~20.04.2_amd64.deb | Linux |
| (RHSA-2022:1814) gnome-shell security and bug fix update gnome-shell-debugsource-3.32.2-44.el8.x86_64.rpm | Linux |
| gnome-shell security and bug fix update (RLSA-2022:1814) gnome-shell-3.32.2-44.el8.x86_64.rpm | Linux |
| (RHSA-2022:1814) gnome-shell security and bug fix update gnome-shell-3.32.2-44.el8.x86_64.rpm | Linux |
| (RHSA-2022:1814)Low: security and bug fix update gnome-shell-debuginfo-3.32.2-44.el8.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234