PT-2018-11197 · Opensuse · Open Build Service

Marcus Meissner

·

Publicado

2018-08-01

·

Atualizado

2019-10-09

·

CVE-2018-12466

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions openSUSE openbuildservice versions prior to 9.2.4
Description The issue allows authenticated users to delete packages on specific projects with project links.
Recommendations For versions prior to 9.2.4, update to version 9.2.4 or later to resolve the issue.

Exploit

Correção

Improper Authorization

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-285CWE-732

Identificadores relacionados

CVE-2018-12466

Produtos afetados

Open Build Service