CVE-2022-28321

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.

El paquete Linux-PAM versiones anteriores a 1.5.2-6.1 para openSUSE Tumbleweed, permite omitir la autenticación en los inicios de sesión SSH. El módulo pam_access.so no restringe correctamente el inicio de sesión si un usuario intenta conectarse desde una dirección IP que no es resoluble por medio de DNS. En tales condiciones, un usuario con acceso denegado a una máquina puede seguir accediendo. NOTA: la relevancia de este problema es limitada en gran medida a openSUSE Tumbleweed y openSUSE Factory; no afecta a Linux-PAM upstream

*Credits: N/A

CVSS Scores

NISTv3.1 9.8

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-04-01 CVE Reserved
2022-09-19 CVE Published
2024-05-10 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-287: Improper Authentication

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src	2023-08-08
https://bugzilla.suse.com/show_bug.cgi?id=1197654	2023-08-08

URL	Date	SRC
https://www.suse.com/security/cve/CVE-2022-28321.html	2023-08-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux-pam Search vendor "Linux-pam"	Linux-pam Search vendor "Linux-pam" for product "Linux-pam"	< 1.5.2-6.1 Search vendor "Linux-pam" for product "Linux-pam" and version " < 1.5.2-6.1"	-	Affected	in	Opensuse Search vendor "Opensuse"	Tumbleweed Search vendor "Opensuse" for product "Tumbleweed"	-	-	Safe