Vulnerability in Opensuse Factory
CVE-2022-21946
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any run…
EPSS: 0.000 (11.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.
Affected products
- Opensuse Factory — versions cscreen
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2022-21946?
- CVE-2022-21946 is a medium-severity vulnerability in Opensuse Factory, classified under Incorrect Permission Assignment for Critical Resource. CVSS score: 5.3/10. Published 2022-03-16.
- How severe is CVE-2022-21946?
- Medium severity. CVSS v3 base score is 5.3 out of 10.