Unrated severityNVD Advisory· Published Dec 17, 2020· Updated Aug 4, 2024
CVE-2020-27780
CVE-2020-27780
Description
A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Linux-Pam/Linux-Pamdescription
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.