CVE-2017-8900

medium

Description

LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

References

https://www.ubuntu.com/usn/usn-3285-1/

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-8900.html

https://launchpad.net/bugs/1663157

http://www.securityfocus.com/bid/98554

Details

Source: Mitre, NVD

Published: 2017-05-12

Updated: 2019-10-03

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4.6

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: Medium