3.6
CVE-2015-3164
- EPSS 0.07%
- Published 01.07.2015 14:59:07
- Last modified 29.08.2025 13:42:30
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.
Data is provided by the National Vulnerability Database (NVD)
X.Org ≫ Xorg-server Version1.16.4
X.Org ≫ Xorg-server Version1.16.99.901
X.Org ≫ Xorg-server Version1.16.99.902
X.Org ≫ Xorg-server Version1.17.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.204 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 3.6 | 3.9 | 4.9 |
AV:L/AC:L/Au:N/C:P/I:P/A:N
|