PT-2013-4878 · Red Hat · Red Hat Storage
Published: 2013-10-04 · Updated: 2023-02-13 · CVE-2013-4157
CVSS v2.0: 3.6 (Low)
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Red Hat Storage version 2.0
Description
The issue allows local users to overwrite arbitrary files via a symlink attack on certain files in /tmp, including
e, local-bricks.list, bricks.err, or limits.conf.
Recommendations
For Red Hat Storage version 2.0, consider restricting access to the files in /tmp to prevent a symlink attack until a patch is available. As a temporary workaround, monitor the /tmp directory for suspicious activity and restrict write access to these files to minimize the risk of exploitation.
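One way to carry out the monitoring workaround above, as an added example that is not part of the advisory or of any Red Hat code: it inspects the file names listed in the description and reports any entry in /tmp that is a symlink, has an unexpected owner, is writable by other users, or has extra hard links. The function name `audit_tmp_entries` and the expectation that the files belong to root (uid 0) are assumptions.

```python
import os
import stat

# Names taken from the advisory text. The first name in its list is truncated
# on the page and is deliberately not guessed here.
WATCHED_NAMES = ("local-bricks.list", "bricks.err", "limits.conf")


def audit_tmp_entries(directory="/tmp", names=WATCHED_NAMES, expected_uid=0):
    """Return (path, problem) tuples for watched entries that look unsafe.

    expected_uid=0 assumes the files are created by a root-owned process.
    """
    findings = []
    for name in names:
        path = os.path.join(directory, name)
        try:
            st = os.lstat(path)  # lstat inspects the entry itself, never its target
        except FileNotFoundError:
            continue
        if stat.S_ISLNK(st.st_mode):
            findings.append((path, "symlink -> " + os.readlink(path)))
            continue
        if not stat.S_ISREG(st.st_mode):
            findings.append((path, "not a regular file"))
            continue
        if st.st_uid != expected_uid:
            findings.append((path, "owner uid %d, expected %d" % (st.st_uid, expected_uid)))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((path, "group- or world-writable"))
        if st.st_nlink > 1:
            findings.append((path, "hard link count %d" % st.st_nlink))
    return findings


if __name__ == "__main__":
    for path, problem in audit_tmp_entries():
        print("%s: %s" % (path, problem))
```

Run it periodically (for example from cron) on affected hosts and treat any output as a reason to investigate before the storage tooling next writes to those paths.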
Fix
Link Following
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat Storage