VDB
CVE-2019-3825
CVE-2019-3825
PUBLISHED
A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.
EPSS 0.08% · 22.8th percentile
Risk Scores
EPSS Score
0.08%
22.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | gdm3 | 0, 3.18.0-2ubuntu1, 3.18.0-2ubuntu2 |
| Ubuntu:18.04:LTS | gdm3 | 3.28.2-0ubuntu1.3, 3.26.1-3ubuntu2, 3.26.2.1-0ubuntu1 |
Exploit Intelligence
Timeline
- Feb 6, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-3825 third-party-advisory
- https://ubuntu.com/security/notices/USN-3892-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-3825 third-party-advisory