CVE-2018-7689

Опубликовано: 07 июн. 2018

Источник: nvd

CVSS3: 7.1

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opensuse:open_build_service:*:*:*:*:*:*:*:*

Версия до 2.9.3 (исключая)

EPSS

Процентиль: 38%

0.00165

Низкий

7.1 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-862

Связанные уязвимости

CVE-2018-7689

CVSS3: 7.1

ubuntu

больше 7 лет назад

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions.

CVE-2018-7689

CVSS3: 7.1

debian

больше 7 лет назад

Lack of permission checks in the InitializeDevelPackage function in op ...

GHSA-mcfv-wm6f-9ch2

CVSS3: 6.5

github

больше 3 лет назад

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions.

EPSS

Процентиль: 38%

0.00165

Низкий

7.1 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-862