vulnerability

FreeBSD: VID-a8654f1d-770d-11eb-b87a-901b0ef719ab (CVE-2020-25580): FreeBSD -- login.access fails to apply rules

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Feb 25, 2021	Feb 25, 2021	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Feb 25, 2021

Added

Feb 25, 2021

Modified

Dec 10, 2025

Description

Problem Description: A regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not. This means that rules denying access may be ignored. Impact: The configuration in login.access(5) may not be applied, permitting login access to users even when the system is configured to deny it.

Solutions

freebsd-upgrade-base-12_2-release-p4freebsd-upgrade-base-11_4-release-p8

References

CVE-2020-25580
https://attackerkb.com/topics/CVE-2020-25580
CWE-697

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today