CVE-2023-4104
Published
CVSS v3
5.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux).
A fast, secure and easy to use VPN. Built by the makers of Firefox.
GitHub