CanonicalCVELIST:CVE-2020-15703CVE-2020-15703 aptdaemon allows unprivileged users to test for the presence of local files via the transaction Locale property
4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.8 Low
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.0%
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root.
CNA Affected
[
{
"product": "aptdaemon",
"vendor": "Canonical",
"versions": [
{
"lessThan": "1.1.1+bzr982-0ubuntu32.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "1.1.1+bzr982-0ubuntu19.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "1.1.1+bzr982-0ubuntu14.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.8 Low
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.0%