CVE-2023-4104 - Vulnerability Details - OpenCVE

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. *This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux).

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Mozilla	Vpn

Configuration 1 [-]

cpe:2.3:a:mozilla:vpn:*:*:*:*:*:linux:*:*

No data.

References

Link	Providers
https://bugzilla.mozilla.org/show_bug.cgi?id=1831318
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110
https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151
https://www.mozilla.org/security/advisories/mfsa2023-39/
https://www.openwall.com/lists/oss-security/2023/08/03/1

History

Wed, 02 Jul 2025 20:45:00 +0000

Type	Values Removed	Values Added
Description	An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN client for Linux < v2.16.1.	An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.16.1 < (Linux).

Thu, 26 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2023-09-11T08:02:53.854Z

Updated: 2025-07-03T13:57:22.751Z

Reserved: 2023-08-02T13:32:46.131Z

Link: CVE-2023-4104

Vulnrichment

Updated: 2024-08-02T07:17:11.903Z

NVD

Status : Modified

Published: 2023-09-11T09:15:08.997

Modified: 2025-07-03T14:15:25.717

Link: CVE-2023-4104

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4104", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2023-08-02T13:32:46.131Z", "datePublished": "2023-09-11T08:02:53.854Z", "dateUpdated": "2025-07-03T13:57:22.751Z"}, "containers": {"cna": {"affected": [{"product": "Mozilla VPN 2.16.1", "vendor": "Mozilla", "versions": [{"lessThan": "(Linux)", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux).", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.<br>*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux)."}]}], "problemTypes": [{"descriptions": [{"description": "Local user authentication flaws in Mozilla VPN client for Linux in v2.16.0 and below.", "lang": "en", "type": "text"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "credits": [{"lang": "en", "value": "Matthias Gerstner"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2025-07-02T20:42:35.551Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.903Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-862", "lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-26T14:54:54.146104Z", "id": "CVE-2023-4104", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-03T13:57:22.751Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110", "tags": ["x_transferred"]}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:17:11.903Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-4104", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-26T14:54:54.146104Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T14:54:59.724Z"}}], "cna": {"credits": [{"lang": "en", "value": "Matthias Gerstner"}], "affected": [{"vendor": "Mozilla", "product": "Mozilla VPN 2.16.1", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "(Linux)", "versionType": "custom"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux).", "supportingMedia": [{"type": "text/html", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.<br>*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux).", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Local user authentication flaws in Mozilla VPN client for Linux in v2.16.0 and below."}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2025-07-02T20:42:35.551Z"}}}, "cveMetadata": {"cveId": "CVE-2023-4104", "state": "PUBLISHED", "dateUpdated": "2025-07-03T13:57:22.751Z", "dateReserved": "2023-08-02T13:32:46.131Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2023-09-11T08:02:53.854Z", "assignerShortName": "mozilla"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:vpn:*:*:*:*:*:linux:*:*", "matchCriteriaId": "60737FA0-0B0A-4423-891A-6E747F952254", "versionEndExcluding": "2.16.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups.\n*This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected.* This vulnerability affects Mozilla VPN 2.16.1 < (Linux)."}, {"lang": "es", "value": "Una verificaci\u00f3n de Autenticaci\u00f3n No V\u00e1lida de Polkit y requisitos de autenticaci\u00f3n faltantes para los m\u00e9todos D-Bus permitieron a cualquier usuario local configurar configuraciones VPN arbitrarias. *Este error s\u00f3lo afecta a Mozilla VPN en Linux. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta al cliente VPN de Mozilla para Linux < v2.16.1.\n"}], "id": "CVE-2023-4104", "lastModified": "2025-07-03T14:15:25.717", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-09-11T09:15:08.997", "references": [{"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"source": "security@mozilla.org", "tags": ["Issue Tracking"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"source": "security@mozilla.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1831318"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7110"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://github.com/mozilla-mobile/mozilla-vpn-client/pull/7151"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2023-39/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2023/08/03/1"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}