CVE-2023-40660

{"id": "CVE-2023-40660", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.7}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.7}]}, "published": "2023-11-06T17:15:11.757", "references": [{"url": "https://access.redhat.com/errata/RHSA-2023:7876", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2023:7879", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-40660", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240912", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}, {"url": "https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}, {"url": "https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1", "tags": ["Release Notes"], "source": "secalert@redhat.com"}, {"url": "https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en los paquetes OpenSC que permiten una posible omisi\u00f3n del PIN. Cuando un token/tarjeta es autenticado por un proceso, puede realizar operaciones criptogr\u00e1ficas en otros procesos cuando se pasa un pin vac\u00edo de longitud cero. Este problema plantea un riesgo de seguridad, particularmente para el inicio de sesi\u00f3n/desbloqueo de pantalla del sistema operativo y para tokens peque\u00f1os conectados permanentemente a las maquinas. Adem\u00e1s, el token puede rastrear internamente el estado de inicio de sesi\u00f3n. Esta falla permite que un atacante obtenga acceso no autorizado, lleve a cabo acciones maliciosas o comprometa el sistema sin que el usuario se de cuenta."}], "lastModified": "2024-09-16T17:15:59.347", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6722AEB-DDA9-49E4-9D5C-FBE1F15230AF", "versionEndIncluding": "0.23.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}