Опубликовано: 28 мая 2017
Источник: ubuntu
Приоритет: high
EPSS Высокий
CVSS2: 10
CVSS3: 9.8
Описание
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.25.6-0ubuntu1.14.04.2]] |
| esm-infra/xenial | released | 2.0.2-0ubuntu0.16.04.2 |
| precise/esm | DNE | |
| trusty | released | 1.25.6-0ubuntu1.14.04.2 |
| trusty/esm | DNE | trusty was released [1.25.6-0ubuntu1.14.04.2] |
| upstream | released | 2.1.3, 2.0.4, 1.25.12 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 2.0.2-0ubuntu0.16.04.2 |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | released | 1.25.6-0ubuntu1.16.04.2 |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 1.25.12 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 1.25.6-0ubuntu1.16.04.2 |
Показывать по
10
EPSS
Процентиль: 99%
0.81605
Высокий
10 Critical
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 8 лет назад
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without setting appropriate permissions, allowing privilege escalation by users on the system to root.
CVSS3: 9.8
debian
больше 8 лет назад
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a ...
CVSS3: 9.8
github
больше 3 лет назад
Juju uses a UNIX domain socket without setting appropriate permissions
EPSS
Процентиль: 99%
0.81605
Высокий
10 Critical
CVSS2
9.8 Critical
CVSS3