Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-9595

Опубликовано: 27 июл. 2018
Источник: nvd
CVSS3: 7.3
CVSS3: 5.5
CVSS2: 3.6
EPSS Низкий

Описание

A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:theforeman:katello:*:*:*:*:*:*:*:*
Версия до 3.4.0 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:redhat:satellite:6.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_capsule:6.3:*:*:*:*:*:*:*

EPSS

Процентиль: 13%
0.00042
Низкий

7.3 High

CVSS3

5.5 Medium

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-377
CWE-59

Связанные уязвимости

redhat логотип

CVE-2016-9595

CVSS3: 7.3
redhat
около 9 лет назад

A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.

github логотип

GHSA-4fx8-jx6v-vjhj

CVSS3: 5.5
github
больше 3 лет назад

A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.

EPSS

Процентиль: 13%
0.00042
Низкий

7.3 High

CVSS3

5.5 Medium

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-377
CWE-59