Lucene search
HistoryApr 10, 2013 - 3:55 p.m.
CVE-2012-6120
red hat openstack
openstack essex
openstack folsom
vulnerability
cve-2012-6120
nvd
information security
permissions
sensitive information
local users
puppet
log files
5.6 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable permissions, which allows local users to obtain sensitive information such as Puppet log files.
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:openstack_folsom | redhat openstack folsom | eq | - |
| redhat:openstack_essex | redhat openstack essex | eq | - |
Related
nessus
nessus
Debian DLA-29-1 : puppet security update
2015-03-26 00:00:00
GLSA-201308-04 : Puppet: Multiple vulnerabilities
2013-08-25 00:00:00
prion
prion
Code injection
2013-04-10 15:55:00
ubuntucve
ubuntucve
CVE-2012-6120
2013-04-10 00:00:00
debian
debian
[DLA 29-1] puppet security update
2014-08-01 11:26:43
openvas
openvas
Debian: Security Advisory (DLA-29-1)
2023-03-08 00:00:00
Gentoo Security Advisory GLSA 201308-04
2015-09-29 00:00:00
veracode
veracode
Information Disclosure
2019-01-15 08:51:31
debiancve
debiancve
CVE-2012-6120
2013-04-10 15:55:00
redhat
redhat
(RHSA-2013:0710) Important: puppet security update
2013-04-04 00:00:00
gentoo
gentoo
Puppet: Multiple vulnerabilities
2013-08-23 00:00:00
5.6 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2012-6120