CVE-2014-4658

Опубликовано: 20 фев. 2020

Источник: ubuntu

Приоритет: medium

CVSS2: 2.1

CVSS3: 5.5

Описание

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.

Релиз	Статус	Примечание
artful	not-affected	1.6.5+dfsg-1
bionic	not-affected	1.6.5+dfsg-1
cosmic	not-affected	1.6.5+dfsg-1
devel	not-affected	1.6.5+dfsg-1
disco	not-affected	1.6.5+dfsg-1
eoan	not-affected	1.6.5+dfsg-1
esm-apps/bionic	not-affected	1.6.5+dfsg-1
esm-apps/focal	not-affected	1.6.5+dfsg-1
esm-apps/jammy	not-affected	1.6.5+dfsg-1
esm-apps/xenial	not-affected	1.6.5+dfsg-1

Показывать по

Ссылки на источники

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2014-4658

CVSS3: 5.5

redhat

почти 12 лет назад

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.

CVE-2014-4658

CVSS3: 5.5

nvd

почти 6 лет назад

The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.

CVE-2014-4658

CVSS3: 5.5

debian

почти 6 лет назад

The vault subsystem in Ansible before 1.5.5 does not set the umask bef ...

GHSA-5g4v-2pc6-4hh4

CVSS3: 5.5

github

больше 3 лет назад

Ansible Sensitive Files Are Locally Readable

2.1 Low

CVSS2

5.5 Medium

CVSS3

CVE-2014-4658

Описание

Пакет ansible

Ссылки на источники

Связанные уязвимости