CVE-2023-4104 - Vulnerability Details - OpenCVE

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Mozilla	Vpn

Configuration 1 [-]

cpe:2.3:a:mozilla:vpn:*:*:*:*:*:linux:*:*

No data.

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1831318
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151
https://www.mozilla.org/security/advisories/mfsa2023-39/
https://www.openwall.com/lists/oss-security/2023/08/03/1

History

Thu, 26 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2023-09-11T08:02:53.854Z

Updated: 2024-09-26T14:55:06.282Z

Reserved: 2023-08-02T13:32:46.131Z

Link: CVE-2023-4104

Vulnrichment

Updated: 2024-08-02T07:17:11.903Z

NVD

Status : Modified

Published: 2023-09-11T09:15:08.997

Modified: 2024-11-21T08:34:24.063

Link: CVE-2023-4104

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4104", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2023-08-02T13:32:46.131Z", "datePublished": "2023-09-11T08:02:53.854Z", "dateUpdated": "2024-09-26T14:55:06.282Z"}, "containers": {"cna": {"affected": [{"product": "Mozilla VPN client for Linux", "vendor": "Mozilla", "versions": [{"lessThan": "v2.16.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.<br>*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1."}]}], "problemTypes": [{"descriptions": [{"description": "Local user authentication flaws in Mozilla VPN client for Linux in v2.16.0 and below.", "lang": "en", "type": "text"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "credits": [{"lang": "en", "value": "Matthias Gerstner"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2023-09-11T08:02:53.854Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.903Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-26T14:54:54.146104Z", "id": "CVE-2023-4104", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T14:55:06.282Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.903Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4104", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-26T14:54:54.146104Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T14:54:59.724Z"}}], "cna": {"credits": [{"lang": "en", "value": "Matthias Gerstner"}], "affected": [{"vendor": "Mozilla", "product": "Mozilla VPN client for Linux", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "v2.16.1", "versionType": "custom"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1.", "supportingMedia": [{"type": "text/html", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.<br>*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Local user authentication flaws in Mozilla VPN client for Linux in v2.16.0 and below."}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2023-09-11T08:02:53.854Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4104", "state": "PUBLISHED", "dateUpdated": "2024-09-26T14:55:06.282Z", "dateReserved": "2023-08-02T13:32:46.131Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2023-09-11T08:02:53.854Z", "assignerShortName": "mozilla"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:vpn:*:*:*:*:*:linux:*:*", "matchCriteriaId": "60737FA0-0B0A-4423-891A-6E747F952254", "versionEndExcluding": "2.16.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1."}, {"lang": "es", "value": "Una verificaci\u00f3n de Autenticaci\u00f3n No V\u00e1lida de Polkit y requisitos de autenticaci\u00f3n faltantes para los m\u00e9todos D-Bus permitieron a cualquier usuario local configurar configuraciones VPN arbitrarias. *Este error s\u00f3lo afecta a Mozilla VPN en Linux. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta al cliente VPN de Mozilla para Linux < v2.16.1.\n"}], "id": "CVE-2023-4104", "lastModified": "2024-11-21T08:34:24.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-11T09:15:08.997", "references": [{"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}