CVE-2018-14345 - OpenCVE

An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Sddm Project	Sddm

Configuration 1 [-]

cpe:2.3:a:sddm_project:sddm:*:*:*:*:*:*:*:*

References

Link	Resource
https://bugzilla.suse.com/show_bug.cgi?id=1101450	Issue Tracking Patch Third Party Advisory
https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:22:28

Updated: 2022-10-03T16:22:28

Reserved: 2022-10-03T00:00:00

Link: CVE-2018-14345

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-07-17T14:29:00.517

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-14345

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:22:28", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1101450"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14345", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1101450", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1101450"}, {"name": "https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98", "refsource": "CONFIRM", "url": "https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-14345", "datePublished": "2022-10-03T16:22:28", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:22:28", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sddm_project:sddm:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE2F0E6C-6C6C-4EBF-941F-226F9F4A7719", "versionEndIncluding": "0.17.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp."}, {"lang": "es", "value": "Se ha descubierto un problema en SDDM hasta su versi\u00f3n 0.17.0. Si se configura con ReuseSession=true, la contrase\u00f1a no se comprueba para los usuarios con una sesi\u00f3n ya existente. Cualquier usuario con acceso al D-Bus del sistema puede, por lo tanto, desbloquear cualquier sesi\u00f3n gr\u00e1fica. Esto est\u00e1 relacionado con daemon/Display.cpp y helper/backend/PamBackend.cpp."}], "id": "CVE-2018-14345", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-07-17T14:29:00.517", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1101450"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/sddm/sddm/commit/147cec383892d143b5e02daa70f1e7def50f5d98"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-613"}], "source": "nvd@nist.gov", "type": "Primary"}]}