exploitDog

CVE-2024-22037

Опубликовано: 28 нояб. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.

Ссылки

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22037

EPSS

Процентиль: 5%

0.00021

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-497

Связанные уязвимости

GHSA-4mrg-r3f5-vhvf

CVSS3: 5.5

github

около 1 года назад

The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.

SUSE-SU-2025:0525-1

suse-cvrf

12 месяцев назад

Security update for SUSE Manager Client Tools

EPSS

Процентиль: 5%

0.00021

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-497