⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2020-27780Improper Authentication in Linux-pam

CWE-287Improper Authentication6 documents6 sources
Severity
9.8CRITICALNVD
EPSS
0.4%
top 37.03%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
3
Linux-pamDebian PAMMsrc CM1 PAM 1.5.1-2 ON CBL Mariner 1.0
Timeline
PublishedDec 18
Latest updateMay 24

Description

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

NVDlinux-pam/linux-pam1.5.01.5.1
Alpinelinux-pam/linux-pam< 1.5.1+10
debiandebian/pam

🔴Vulnerability Details

2
GHSA
GHSA-pgjg-jx8c-q35f: A flaw was found in Linux-Pam in versions prior to 12022-05-24
OSV
CVE-2020-27780: A flaw was found in Linux-Pam in versions prior to 12020-12-18

📋Vendor Advisories

3
Microsoft
A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of a2020-12-08
Red Hat
pam: authentication bypass when the user doesn't exist and root password is blank2020-10-27
Debian
CVE-2020-27780: pam - A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle em...2020
CVE-2020-27780 — Improper Authentication in Linux-pam | cvebase