CVE-2022-21946 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-21946 Interim 1 7 2025-02-16T03:13:08Z current 2022-03-12T02:54:37Z 2025-02-16T03:13:08Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-21946 A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed cscreen-1.4-1.1 cscreen-1.4-1.1 as a component of openSUSE Tumbleweed A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory cscreen version 1.2-1.3 and prior versions. CVE-2022-21946 openSUSE Tumbleweed:cscreen-1.4-1.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L