cbcvebase.
CVE-2017-8900
published 2017-05-12

CVE-2017-8900: LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit…

PriorityP421medium4.6CVSS 3.0
AVPACLPRNUINSUCHINAN
EPSS
0.42%
33.5th percentile
LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianlightdm
lightdm_projectlightdm<= 1.22.0

CVSS provenance

nvdv3.04.6MEDIUMCVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vendor_debian4.6LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.