Medium severity5.3NVD Advisory· Published Oct 4, 2023· Updated Jun 17, 2026
CVE-2021-3784
CVE-2021-3784
Description
Garuda Linux performs an insecure user creation and authentication that allows any user to impersonate the created account. By creating users from the 'Garuda settings manager', an insecure procedure is performed that keeps the created user without an assigned password during some seconds. This could allow a potential attacker to exploit this vulnerability in order to authenticate without knowing the password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: all versions
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/garuda-linux-improper-authorizationnvdThird Party Advisory
News mentions
0No linked articles in our index yet.