CVE-2020-14391

CVE-2020-14391

Vendor N/A
Product gnome-settings-daemon
Weakness CWE-522 · Insufficiently protected credentials
Published February 8, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality.

Key dates

02Disclosure timeline

February 8, 2021 CVE published
August 4, 2024 Record updated