CVE-2023-4104 - OpenCVE

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mozilla	Vpn

Configuration 1 [-]

cpe:2.3:a:mozilla:vpn:*:*:*:*:*:linux:*:*

No data.

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1831318
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151
https://www.mozilla.org/security/advisories/mfsa2023-39/
https://www.openwall.com/lists/oss-security/2023/08/03/1

History

No history.

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2023-09-11T08:02:53.854Z

Updated: 2024-08-02T07:17:11.903Z

Reserved: 2023-08-02T13:32:46.131Z

Link: CVE-2023-4104

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-09-11T09:15:08.997

Modified: 2023-09-13T16:34:57.820

Link: CVE-2023-4104

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4104", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2023-08-02T13:32:46.131Z", "datePublished": "2023-09-11T08:02:53.854Z", "dateUpdated": "2024-08-02T07:17:11.903Z"}, "containers": {"cna": {"affected": [{"product": "Mozilla VPN client for Linux", "vendor": "Mozilla", "versions": [{"lessThan": "v2.16.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.<br>*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1."}]}], "problemTypes": [{"descriptions": [{"description": "Local user authentication flaws in Mozilla VPN client for Linux in v2.16.0 and below.", "lang": "en", "type": "text"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "credits": [{"lang": "en", "value": "Matthias Gerstner"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2023-09-11T08:02:53.854Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.903Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:vpn:*:*:*:*:*:linux:*:*", "matchCriteriaId": "60737FA0-0B0A-4423-891A-6E747F952254", "versionEndExcluding": "2.16.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1."}, {"lang": "es", "value": "Una verificaci\u00f3n de Autenticaci\u00f3n No V\u00e1lida de Polkit y requisitos de autenticaci\u00f3n faltantes para los m\u00e9todos D-Bus permitieron a cualquier usuario local configurar configuraciones VPN arbitrarias. *Este error s\u00f3lo afecta a Mozilla VPN en Linux. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta al cliente VPN de Mozilla para Linux < v2.16.1.\n"}], "id": "CVE-2023-4104", "lastModified": "2023-09-13T16:34:57.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-11T09:15:08.997", "references": [{"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}