Weak password requirements in fwupd - CVE-2022-3287

 


Published: May 9, 2023


Vulnerability identifier: #VU75912
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-3287
CWE-ID: CWE-521
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: fwupd.org
Affected software:
fwupd

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges within the application.

The vulnerability exists due to the way the redfish plugin handles passwords. When creating an OPERATOR user account on the BMC, the redfish plugin saves the auto-generated password to /etc/fwupd/redfish.conf without properly restricting access to the file. A local user can read the configuration file and gain operator privileges.
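
A defender-side check for the condition described above, added here as an example (it is not code from fwupd or from this advisory). It reports whether the configuration file is readable by other local users while holding a non-empty password; the `[redfish]` section and `Password` key in the constructed sample are assumptions about the file's layout.

```python
import configparser
import os
import stat
import tempfile

DEFAULT_PATH = "/etc/fwupd/redfish.conf"  # path named in the advisory


def audit_redfish_conf(path=DEFAULT_PATH):
    """Report who may read the file and whether it holds a non-empty password."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    stores_password = False
    try:
        parser.read(path)  # yields nothing if the auditor itself cannot read it
        for section in parser.sections():
            # Assumption: the secret is stored under a key named "Password".
            if parser.get(section, "password", fallback="").strip():
                stores_password = True
    except configparser.Error:
        pass  # unparsable file: permission bits are still reported
    world = bool(mode & stat.S_IROTH)
    return {
        "mode": oct(mode),
        "world_readable": world,
        "group_readable": bool(mode & stat.S_IRGRP),
        "stores_password": stores_password,
        "exposed": world and stores_password,
    }


def demo_on_constructed_file(mode):
    """Run the audit on a constructed sample config with the given mode."""
    sample = "[redfish]\nUsername=constructed-user\nPassword=constructed-secret\n"
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "redfish.conf")
        with open(path, "w") as fh:
            fh.write(sample)
        os.chmod(path, mode)
        return audit_redfish_conf(path)


if __name__ == "__main__":
    print("0644:", demo_on_constructed_file(0o644))
    print("0600:", demo_on_constructed_file(0o600))
```

Run `audit_redfish_conf()` with no argument on a host to check the real file; a result with `exposed` set to true means the stored credential should be treated as disclosed and rotated after updating.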


How to mitigate CVE-2022-3287

Install updates from the vendor's website.
