Описание
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.
Ссылки
- PatchVendor Advisory
- ExploitIssue TrackingThird Party Advisory
- Vendor Advisory
- PatchVendor Advisory
- ExploitIssue TrackingThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
4.7 Medium
CVSS2
Дефекты
Связанные уязвимости
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.
puppetmasterd in puppet 0.24.6 does not reset supplementary groups whe ...
puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.
Уязвимости операционной системы Gentoo Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
4.7 Medium
CVSS2