PT-2018-4036 · Suse · Opensuse Open Build Service

Ludwig Nussel

Publicado

2018-06-11

Atualizado

2019-10-09

CVE-2011-4181

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions SUSE open build service versions prior to 2.3 SUSE open build service version 2.1.15 and earlier

Description A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled.

Recommendations For SUSE open build service versions prior to 2.3, update to version 2.3 or later. For SUSE open build service version 2.1.15 and earlier, update to a version later than 2.1.15 or apply the necessary patches to restrict access to source files.

Correção

Improper Access Control

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-20

Identificadores relacionados

CVE-2011-4181

Produtos afetados

Opensuse Open Build Service

PT-2018-4036 · Suse · Opensuse Open Build Service

CVE-2011-4181

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6