Описание
Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.
Отчет
Red Hat Update Infrastructure 2.1.3 is now in Production 2 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Update Infrastructure Life Cycle: https://access.redhat.com/support/policy/updates/rhui.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| RHUI for RHEL 6 | grinder | Will not fix | ||
| CloudForms for RHEL 6 | candlepin | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | gofer | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | grinder | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-agent | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-certs-tools | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-cli | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-cli-tests | Fixed | RHSA-2012:1543 | 04.12.2012 |
| CloudForms for RHEL 6 | katello-configure | Fixed | RHSA-2012:1543 | 04.12.2012 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.6 Medium
CVSS2
Связанные уязвимости
Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.
Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.
EPSS
4.6 Medium
CVSS2