PT-2017-8492 · Red Hat+1 · Subscription-Manager+2

Cedric Buissart

·

Publicado

2016-11-03

·

Atualizado

2023-02-12

·

CVE-2016-4455

CVSS v3.1

3.3

Baixa

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Subscription Manager versions prior to 1.17.7-1
Description The issue concerns weak permissions set for cache directories in the Subscription Manager package, allowing local users to access sensitive information by reading files in these directories.
Recommendations For versions prior to 1.17.7-1, update to version 1.17.7-1 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CESA-2016_2592
CVE-2016-4455
RHSA-2016:2592
RHSA-2016_2592
RHSA-2017:0698
RHSA-2017_0698

Produtos afetados

Centos
Red Hat
Subscription-Manager