CVE-2022-28321 - OpenCVE

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux-pam	Linux-pam
Opensuse	Tumbleweed

Configuration 1 [-]

AND

cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:tumbleweed:-:*:*:*:*:*:*:*

References

Link	Resource
http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/	Patch Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1197654	Issue Tracking Patch Vendor Advisory
https://www.suse.com/security/cve/CVE-2022-28321.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-19T21:10:22

Updated: 2022-09-19T21:10:22

Reserved: 2022-04-01T00:00:00

Link: CVE-2022-28321

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-19T22:15:10.913

Modified: 2023-08-08T14:21:49.707

Link: CVE-2022-28321

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-19T21:10:22", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.suse.com/security/cve/CVE-2022-28321.html"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1197654"}], "source": {"discovery": "INTERNAL"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-28321", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/", "refsource": "MISC", "url": "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/"}, {"name": "https://www.suse.com/security/cve/CVE-2022-28321.html", "refsource": "MISC", "url": "https://www.suse.com/security/cve/CVE-2022-28321.html"}, {"name": "https://bugzilla.suse.com/show_bug.cgi?id=1197654", "refsource": "MISC", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1197654"}]}, "source": {"discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-28321", "datePublished": "2022-09-19T21:10:22", "dateReserved": "2022-04-01T00:00:00", "dateUpdated": "2022-09-19T21:10:22", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CB27F60-F24C-4A17-B9EE-4B20B47244A8", "versionEndExcluding": "1.5.2-6.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:tumbleweed:-:*:*:*:*:*:*:*", "matchCriteriaId": "107C84EE-5E5C-4C36-A6DA-295144A527E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream."}, {"lang": "es", "value": "El paquete Linux-PAM versiones anteriores a 1.5.2-6.1 para openSUSE Tumbleweed, permite omitir la autenticaci\u00f3n en los inicios de sesi\u00f3n SSH. El m\u00f3dulo pam_access.so no restringe correctamente el inicio de sesi\u00f3n si un usuario intenta conectarse desde una direcci\u00f3n IP que no es resoluble por medio de DNS. En tales condiciones, un usuario con acceso denegado a una m\u00e1quina puede seguir accediendo. NOTA: la relevancia de este problema es limitada en gran medida a openSUSE Tumbleweed y openSUSE Factory; no afecta a Linux-PAM upstream"}], "id": "CVE-2022-28321", "lastModified": "2023-08-08T14:21:49.707", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-19T22:15:10.913", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1197654"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.suse.com/security/cve/CVE-2022-28321.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}