CVE-2015-8034

Опубликовано: 30 янв. 2017

Источник: nvd

CVSS3: 3.3

CVSS2: 2.1

EPSS Низкий

Описание

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.

Ссылки

http://www.securityfocus.com/bid/96390
https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html
Release Notes
Vendor Advisory
http://www.securityfocus.com/bid/96390
https://docs.saltstack.com/en/latest/topics/releases/2015.8.3.html
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*

Версия до 2015.8.2 (включая)

EPSS

Процентиль: 10%

0.00035

Низкий

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2015-8034

CVSS3: 3.3

ubuntu

около 9 лет назад

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.

CVE-2015-8034

redhat

больше 10 лет назад

The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file.

CVE-2015-8034

CVSS3: 3.3

debian

около 9 лет назад

The state.sls function in Salt before 2015.8.3 uses weak permissions o ...

GHSA-6prw-8xhm-h247

CVSS3: 3.3

github

больше 3 лет назад

Salt uses weak permissions on the cache data

EPSS

Процентиль: 10%

0.00035

Низкий

3.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200