2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
Once a recovery file has been preserved by the setuid root elvprsv
utility it is placed in a worldreadable directory with worldreadable
permissions. This possibly allows sensitive information to leak.
In addition to this information leak, it is possible for users
to recover files that belong to other users by using elvrec, another
setuid root binary.