CVE-2021-31924

{"id": "CVE-2021-31924", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2021-05-26T00:15:08.490", "references": [{"url": "https://developers.yubico.com/pam-u2f/", "tags": ["Product", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRBVOZEMVO72FV4Z5O4GBGSURXHWRGD3/", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IL3I5AKECLMK4ADLLACLOEF7H5CMNDP2/", "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/202208-11", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.yubico.com/support/security-advisories/ysa-2021-03", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://developers.yubico.com/pam-u2f/", "tags": ["Product", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRBVOZEMVO72FV4Z5O4GBGSURXHWRGD3/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IL3I5AKECLMK4ADLLACLOEF7H5CMNDP2/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/202208-11", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.yubico.com/support/security-advisories/ysa-2021-03", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not allow user presence (touch) or cryptographic signature verification to be bypassed, so an attacker would still need to physically possess and interact with the YubiKey or another enrolled authenticator. If pam-u2f is configured to require PIN authentication, and the application using pam-u2f allows the user to submit NULL as the PIN, pam-u2f will attempt to perform a FIDO2 authentication without PIN. If this authentication is successful, the PIN requirement is bypassed."}, {"lang": "es", "value": "Yubico pam-u2f antes de la versi\u00f3n 1.1.1 tiene un problema l\u00f3gico que, dependiendo de la configuraci\u00f3n de pam-u2f y de la aplicaci\u00f3n utilizada, podr\u00eda conducir a una derivaci\u00f3n local del PIN. Este problema no permite eludir la presencia del usuario (tacto) o la verificaci\u00f3n de la firma criptogr\u00e1fica, por lo que un atacante todav\u00eda tendr\u00eda que poseer f\u00edsicamente e interactuar con la YubiKey u otro autenticador inscrito. Si pam-u2f est\u00e1 configurado para requerir la autenticaci\u00f3n con PIN, y la aplicaci\u00f3n que utiliza pam-u2f permite al usuario enviar NULL como PIN, pam-u2f intentar\u00e1 realizar una autenticaci\u00f3n FIDO2 sin PIN. Si esta autenticaci\u00f3n tiene \u00e9xito, el requisito del PIN se omite"}], "lastModified": "2024-11-21T06:06:31.330", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:yubico:pam-u2f:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93820EAC-FFD1-4D1D-987F-69AB121027A6", "versionEndExcluding": "1.1.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}