Broker-Managed User Impersonation Vulnerability
CVE-2024-9313
8.8HIGH
What is CVE-2024-9313?
The Authd PAM module, prior to version 0.3.5, includes a significant vulnerability that permits broker-managed users to impersonate other users managed by the same broker. This allows unauthorized PAM operations to be executed, including the ability to authenticate as the impersonated user, which can lead to breaches of security and user privacy.
Affected Version(s)
Authd Linux 0 < 0.3.5