Описание
The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demonstrated by reading /etc/shadow.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00052
Низкий
4.4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demonstrated by reading /etc/shadow.
EPSS
Процентиль: 16%
0.00052
Низкий
4.4 Medium
CVSS2
Дефекты
CWE-200