PT-2014-1770 · Apple+5 · Cups+5

Salvatore Bonaccorso

Publicado

2014-07-23

Atualizado

2024-06-15

CVE-2014-5031

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions CUPS versions prior to 2.0

Description The issue allows remote attackers to obtain sensitive information due to a lack of permission checks on files in the web interface. Multiple vulnerabilities in the CUPS package may lead to a breach of confidentiality of protected information, and these vulnerabilities can be exploited remotely.

Recommendations For versions prior to 2.0, update to version 2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface to minimize the risk of exploitation.

Correção

Link Following

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-59CWE-264

Identificadores relacionados

ALT-PU-2014-2057

BDU:2015-01463

CESA-2014_1388

CVE-2014-5031

DLA-0022-1

DSA-2990-1

MGASA-2014-0313

OPENSUSE-SU-2024:10075-1

RHSA-2014:1388

RHSA-2014_1388

SUSE-SU-2015:0575-1

SUSE-SU-2015:1011-1

USN-2341-1

Produtos afetados

Alt Linux

Cups

Centos

Red Hat

Suse

Ubuntu

PT-2014-1770 · Apple+5 · Cups+5

CVE-2014-5031

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 67