Описание
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
Ссылки
- Third Party Advisory
- Issue TrackingThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:redhat:quickstart_cloud_installer:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00041
Низкий
8.4 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 7.1
redhat
больше 9 лет назад
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
CVSS3: 8.4
github
больше 3 лет назад
Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.
EPSS
Процентиль: 12%
0.00041
Низкий
8.4 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-264