PT-2018-17987 · Magnicomp · Magnicomp Sysinfo

Published

2018-05-21

Updated

2018-10-09

CVE-2018-7268

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions MagniComp SysInfo versions prior to 10-H81

Description The issue allows a local unprivileged user to read any root-owned file on the system, regardless of the file permissions. This can lead to the exposure of confidential information, such as password hashes, log files, or private keys. The impact is related to confidentiality, with no direct effect on system integrity or availability.

Recommendations For MagniComp SysInfo versions prior to 10-H81, update to version 10-H81 or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-7268

Affected Products

Magnicomp Sysinfo

PT-2018-17987 · Magnicomp · Magnicomp Sysinfo

CVE-2018-7268

Weakness Enumeration

Related Identifiers

Affected Products

References · 5