Vulnerability — CVE-2023-4104

CVE-2023-4104

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-4104
Description:: An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN client for Linux < v2.16.1.
Last updated date:: 09/13/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/13/2023
Reference url to background: https://bugzilla.mozilla.org/show_bug.cgi?id=1831318

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/13/2023
Reference url to background: https://www.openwall.com/lists/oss-security/2023/08/03/1