CVE-2020-14391

CVE Details

Release Date:2021-02-08

Description


A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality.

See more information about CVE-2020-14391 from MITRE CVE dictionary and NIST NVD


CVSS v3.0 metrics


NOTE: The following CVSS v3.0 metrics and score provided are preliminary and subject to review.

Base Score: 5.5 Base Metrics: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Access Vector: Local network Attack Complexity: Low
Privileges Required: Low User Interaction: None
Scope: Unchanged Confidentiality Impact: High
Integrity Impact: None Availability Impact: None

Errata information


PlatformErrataRelease Date
Oracle Linux version 8 (LibRaw)ELSA-2020-44512020-11-10
Oracle Linux version 8 (PackageKit)ELSA-2020-44512020-11-10
Oracle Linux version 8 (dleyna-renderer)ELSA-2020-44512020-11-10
Oracle Linux version 8 (frei0r-plugins)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gdm)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-control-center)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-photos)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-remote-desktop)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-session)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-settings-daemon)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-shell)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-shell-extensions)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gnome-terminal)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gsettings-desktop-schemas)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gtk-doc)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gtk3)ELSA-2020-44512020-11-10
Oracle Linux version 8 (gvfs)ELSA-2020-44512020-11-10
Oracle Linux version 8 (libsoup)ELSA-2020-44512020-11-10
Oracle Linux version 8 (mutter)ELSA-2020-44512020-11-10
Oracle Linux version 8 (nautilus)ELSA-2020-44512020-11-10
Oracle Linux version 8 (pipewire)ELSA-2020-44512020-11-10
Oracle Linux version 8 (pipewire0.2)ELSA-2020-44512020-11-10
Oracle Linux version 8 (potrace)ELSA-2020-44512020-11-10
Oracle Linux version 8 (pygobject3)ELSA-2020-44512020-11-10
Oracle Linux version 8 (tracker)ELSA-2020-44512020-11-10
Oracle Linux version 8 (vte291)ELSA-2020-44512020-11-10
Oracle Linux version 8 (webkit2gtk3)ELSA-2020-44512020-11-10
Oracle Linux version 8 (webrtc-audio-processing)ELSA-2020-44512020-11-10
Oracle Linux version 8 (xdg-desktop-portal)ELSA-2020-44512020-11-10
Oracle Linux version 8 (xdg-desktop-portal-gtk)ELSA-2020-44512020-11-10



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete