PT-2013-1496 · Suse · Suse Cloud+1

Published

2013-12-02

Updated

2014-03-04

CVE-2012-0434

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Crowbar, as used in SUSE Cloud 1.0

Description The server in Crowbar uses weak permissions for the production.log file. The impact and attack vectors of this issue are not specified.

Recommendations For Crowbar, as used in SUSE Cloud 1.0, consider changing the permissions of the production.log file to more secure settings to mitigate potential risks.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-0434

Affected Products

Crowbar

Suse Cloud

PT-2013-1496 · Suse · Suse Cloud+1

CVE-2012-0434

Weakness Enumeration

Related Identifiers

Affected Products

References · 4