CVE-2017-9868

Опубликовано: 25 июн. 2017

Источник: debian

EPSS Низкий

Описание

In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mosquitto	fixed	1.4.14-1		package
mosquitto	fixed	1.4.10-3+deb9u1	stretch	package

Примечания

https://github.com/eclipse/mosquitto/issues/468
https://github.com/eclipse/mosquitto/commit/09cb1b61c8f48284d9c42bd911faa7525cc689c7

EPSS

Процентиль: 30%

0.00111

Низкий

Связанные уязвимости

CVE-2017-9868

CVSS3: 5.5

ubuntu

больше 8 лет назад

In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information.

CVE-2017-9868

CVSS3: 5.5

nvd

больше 8 лет назад

In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information.

GHSA-m438-p9g2-x57w

CVSS3: 5.5

github

больше 3 лет назад

In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information.

EPSS

Процентиль: 30%

0.00111

Низкий