CVE-2013-7221 — Gnome-shell vulnerability

CWE-2647 documents7 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 79.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Gnome Gnome-shell
Timeline
PublishedApr 29
Latest updateMay 17

Description

The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

â–¶Debiangnome/gnome-shell< 3.10.1-1+3
â–¶NVDgnome/gnome-shell3.9.92+59

🔴Vulnerability Details

3
GHSA
GHSA-2fwf-gr55-x95r: The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3↗2022-05-17
â–¶
OSV
CVE-2013-7221: The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3↗2014-04-29
â–¶
CVEList
CVE-2013-7221: The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3↗2014-04-29
â–¶

📋Vendor Advisories

2
Red Hat
gnome-shell: run command dialog visible above screen locker↗2013-11-14
â–¶
Debian
CVE-2013-7221: gnome-shell - The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before ...↗2013
â–¶

💬Community

1
Bugzilla
CVE-2013-7221 gnome-shell: run command dialog visible above screen locker↗2013-12-27
â–¶
CVE-2013-7221 — Gnome Gnome-shell vulnerability | cvebase