← Back

CVE-2023-43090

nvd nist
Published: Sep 22, 2023Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.

Affected (5)

Gnome
1 product
Gnome Shell
Fedoraproject
1 product
Fedora
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Gnome
Gnome Shell
From 43 to 43.9
Gnome Shell
From 44 to 44.5
Gnome Shell
Version 42
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 37
Fedora
Version 38

Related CWEs

CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (8)

Source: patrick@puiterwijk.org
Third Party Advisory
Source: patrick@puiterwijk.org
Issue TrackingThird Party Advisory
Source: patrick@puiterwijk.org
ExploitIssue TrackingPatchVendor Advisory
Source: patrick@puiterwijk.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.