{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T20:56:14.329","vulnerabilities":[{"cve":{"id":"CVE-2019-3825","sourceIdentifier":"secalert@redhat.com","published":"2019-02-06T20:29:00.447","lastModified":"2024-11-21T04:42:37.413","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session."},{"lang":"es","value":"Se ha descubierto una vulnerabilidad en gdm en versiones anteriores a la 3.31.4. Cuando el inicio de sesión temporal está habilitado en la configuración, un atacante podría omitir la pantalla de bloqueo, seleccionando el usuario de inicio de sesión temporal y esperando a que se agote el tiempo. En ese momento, obtendría acceso a la sesión del usuario que ha iniciado sesión."}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.4,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:gnome_display_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"3.31.4","matchCriteriaId":"91D07F22-A0D8-41BE-BE1A-A5A81E8306AA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","matchCriteriaId":"07C312A0-CD2C-4B9C-B064-6409B25C278F"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3825","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3892-1/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3825","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Mitigation","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3892-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}