---

CVE-2020-27780 - log back

CVE-2020-27780 edited at 24 Nov 2020 16:45:43
Severity	- Unknown + High
Remote	- Unknown + Local
Type	- Unknown + Authentication bypass
Description	+ An authentication bypass issue was found in pam 1.5.0. Nonexistent users could authenticate if the root password was empty.
References	+ https://github.com/linux-pam/linux-pam/blob/5b7ba35ebfd280c931933fedbf98cb7f4a8846f2/NEWS#L4-L5 + https://github.com/linux-pam/linux-pam/pull/300 + https://github.com/linux-pam/linux-pam/commit/30fdfb90d9864bcc254a62760aaa149d373fd4eb
Notes

CVE-2020-27780 created at 24 Nov 2020 16:38:50