CVE-2016-4982

Опубликовано: 17 июл. 2017

Источник: nvd

CVSS3: 4.7

CVSS2: 1.9

EPSS Низкий

Описание

authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1346051
Issue Tracking
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1346051
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:teether:authd:-:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00077

Низкий

4.7 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-362

Связанные уязвимости

CVE-2016-4982

CVSS3: 2.5

redhat

больше 9 лет назад

authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.

GHSA-637c-5c76-f4m8

CVSS3: 4.7

github

больше 3 лет назад

authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.

EPSS

Процентиль: 23%

0.00077

Низкий

4.7 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-362