Lucene search
MicrofocusCVELIST:CVE-2018-19637HistoryFeb 21, 2019 - 12:00 a.m.
CVE-2018-19637 Static temporary filename allows overwriting of files
2019-02-2100:00:00
CWE-377
microfocus
www.cve.org
2.8 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
6.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems without symlink protection
CNA Affected
[
{
"product": "supportutils",
"vendor": "SUSE",
"versions": [
{
"lessThan": "3.1-5.7.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Code injection
2019-03-05 16:29:00
cve
cve
CVE-2018-19637
2019-03-05 16:29:00
nvd
nvd
CVE-2018-19637
2019-03-05 16:29:00
nessus
nessus
openSUSE Security Update : supportutils (openSUSE-2019-293)
2019-03-06 00:00:00
openSUSE Security Update : hostinfo / supportutils (openSUSE-2019-1351)
2019-05-09 00:00:00
suse
suse
Security update for supportutils (important)
2019-03-06 00:00:00
Security update for hostinfo, supportutils (important)
2019-05-08 00:00:00
openvas
openvas
openSUSE: Security Advisory for supportutils (openSUSE-SU-2019:0293-1)
2019-03-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0480-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:1122-1)
2021-04-19 00:00:00
2.8 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
6.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVELIST:CVE-2018-19637