VDB
CVE-2009-4145
CVE-2009-4145
PUBLISHED
CVSS 2.0999999046325684 LOW
nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon actions in the connection editor GUI, which allows local users to obtain sensitive information by reading D-Bus signals, as demonstrated by using dbus-monitor to discover the password for the WiFi network.
EPSS 0.06% · 19.4th percentile
Risk Scores
CVSS 2.0
2.0999999046325684
EPSS Score
0.06%
19.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| gnome | networkmanager | 0.7.2 |
Timeline
- Dec 23, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 37580 vdb
- [oss-security] 20091216 NetworkManager CVE assignment mailing-list
- networkmanager-nmconnectioneditor-info-disc(54898) vdb
- http://git.gnome.org/browse/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=56d87fcb86acb5359558e0a2ee702cfc0c3391f2 url
- https://bugzilla.redhat.com/show_bug.cgi?id=546117 url
- 37819 third-party-advisory
- oval:org.mitre.oval:def:10539 vdb
- SUSE-SR:2010:002 vendor-advisory
- RHSA-2010:0108 vendor-advisory
- http://git.gnome.org/browse/network-manager-applet/commit/?h=NETWORKMANAGER_APPLET_0_7&id=8627880e07c8345f69ed639325280c7f62a8f894 url
- 38420 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2009-4145 advisory