exploitDog

CVE-2015-0257

Опубликовано: 01 мая 2015

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

Ссылки

http://rhn.redhat.com/errata/RHSA-2015-0888.html
Vendor Advisory
http://www.securitytracker.com/id/1032231
http://rhn.redhat.com/errata/RHSA-2015-0888.html
Vendor Advisory
http://www.securitytracker.com/id/1032231

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:*

Версия до 3.5.0 (включая)

EPSS

Процентиль: 13%

0.00042

Низкий

2.1 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2015-0257

redhat

около 11 лет назад

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

GHSA-7944-mp99-q983

github

больше 3 лет назад

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

EPSS

Процентиль: 13%

0.00042

Низкий

2.1 Low

CVSS2

Дефекты

CWE-264