Описание
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
Ссылки
- ExploitIssue TrackingVendor Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:suse:caas_platform:4.5:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00041
Низкий
3.6 Low
CVSS3
4.4 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-377
Связанные уязвимости
github
больше 3 лет назад
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
EPSS
Процентиль: 12%
0.00041
Низкий
3.6 Low
CVSS3
4.4 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-377