Описание
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.9.1 (включая)
Одновременно
cpe:2.3:a:opensuse:factory_watchman:*:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:15:sp3:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.0011
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-59
CWE-59
Связанные уязвимости
CVSS3: 7.8
github
около 4 лет назад
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1.
EPSS
Процентиль: 30%
0.0011
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-59
CWE-59