Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2018-3158.NASL
HistoryOct 31, 2018 - 12:00 a.m.

RHEL 7 : sssd (RHSA-2018:3158)

2018-10-3100:00:00
This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
33

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

An update for sssd is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

The following packages have been upgraded to a later upstream version:
sssd (1.16.2). (BZ#1558498)

Security Fix(es) :

  • sssd: information leak from the sssd-sudo responder (CVE-2018-10852)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by Jakub Hrozek (Red Hat).

Additional Changes :

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2018:3158. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('compat.inc');

if (description)
{
  script_id(118533);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/02/01");

  script_cve_id("CVE-2018-10852");
  script_xref(name:"RHSA", value:"2018:3158");

  script_name(english:"RHEL 7 : sssd (RHSA-2018:3158)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"An update for sssd is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Low. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link (s) in the References section.

The System Security Services Daemon (SSSD) service provides a set of
daemons to manage access to remote directories and authentication
mechanisms. It also provides the Name Service Switch (NSS) and the
Pluggable Authentication Modules (PAM) interfaces toward the system,
and a pluggable back-end system to connect to multiple different
account sources.

The following packages have been upgraded to a later upstream version:
sssd (1.16.2). (BZ#1558498)

Security Fix(es) :

* sssd: information leak from the sssd-sudo responder (CVE-2018-10852)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

This issue was discovered by Jakub Hrozek (Red Hat).

Additional Changes :

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.6 Release Notes linked from the References section.");
  # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3395ff0b");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3158");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-10852");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10852");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/06/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/10/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/31");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libipa_hbac");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libipa_hbac-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_autofs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_certmap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_certmap-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_idmap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_idmap-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_nss_idmap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_nss_idmap-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_simpleifp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_simpleifp-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsss_sudo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-libipa_hbac");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-libsss_nss_idmap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-sss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-sss-murmur");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-sssdconfig");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-ad");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-client");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-common-pac");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-dbus");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-ipa");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-kcm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-krb5");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-krb5-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-ldap");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-libwbclient");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-libwbclient-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-polkit-rules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-proxy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sssd-winbind-idmap");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2018:3158";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", reference:"libipa_hbac-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libipa_hbac-devel-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libsss_autofs-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libsss_autofs-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_certmap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_certmap-devel-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_idmap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_idmap-devel-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_nss_idmap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_nss_idmap-devel-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_simpleifp-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"libsss_simpleifp-devel-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libsss_sudo-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libsss_sudo-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"python-libipa_hbac-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-libipa_hbac-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"python-libsss_nss_idmap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-libsss_nss_idmap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"python-sss-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-sss-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"python-sss-murmur-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python-sss-murmur-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"python-sssdconfig-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-ad-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-ad-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"sssd-client-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-common-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-common-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-common-pac-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-common-pac-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-dbus-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-dbus-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"sssd-debuginfo-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-ipa-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-ipa-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-kcm-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-kcm-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-krb5-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-krb5-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-krb5-common-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-krb5-common-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-ldap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-ldap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-libwbclient-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-libwbclient-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", reference:"sssd-libwbclient-devel-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-polkit-rules-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-polkit-rules-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-proxy-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-proxy-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-tools-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-tools-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sssd-winbind-idmap-1.16.2-13.el7")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sssd-winbind-idmap-1.16.2-13.el7")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libipa_hbac / libipa_hbac-devel / libsss_autofs / libsss_certmap / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxlibipa_hbacp-cpe:/a:redhat:enterprise_linux:libipa_hbac
redhatenterprise_linuxlibipa_hbac-develp-cpe:/a:redhat:enterprise_linux:libipa_hbac-devel
redhatenterprise_linuxlibsss_autofsp-cpe:/a:redhat:enterprise_linux:libsss_autofs
redhatenterprise_linuxlibsss_certmapp-cpe:/a:redhat:enterprise_linux:libsss_certmap
redhatenterprise_linuxlibsss_certmap-develp-cpe:/a:redhat:enterprise_linux:libsss_certmap-devel
redhatenterprise_linuxlibsss_idmapp-cpe:/a:redhat:enterprise_linux:libsss_idmap
redhatenterprise_linuxlibsss_idmap-develp-cpe:/a:redhat:enterprise_linux:libsss_idmap-devel
redhatenterprise_linuxlibsss_nss_idmapp-cpe:/a:redhat:enterprise_linux:libsss_nss_idmap
redhatenterprise_linuxlibsss_nss_idmap-develp-cpe:/a:redhat:enterprise_linux:libsss_nss_idmap-devel
redhatenterprise_linuxlibsss_simpleifpp-cpe:/a:redhat:enterprise_linux:libsss_simpleifp
Rows per page:
1-10 of 361

Related

openvas 12
nessus 22
suse 2
cvelist 1
redhat 1
amazon 2
centos 1
osv 2
nvd 1
prion 1
cve 1
veracode 1
debian 1
mageia 1
oraclelinux 1
redhatcve 1
ubuntucve 1
debiancve 1
ubuntu 1
openvas
openvas
Debian: Security Advisory (DLA-1429-1)
2018-07-16 00:00:00
openSUSE: Security Advisory for sssd (openSUSE-SU-2018:2289-1)
2018-10-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0081-1)
2021-04-19 00:00:00
nessus
nessus
EulerOS 2.0 SP2 : sssd (EulerOS-SA-2018-1429)
2018-12-28 00:00:00
SUSE SLED15 / SLES15 Security Update : sssd (SUSE-SU-2018:2144-1)
2019-01-02 00:00:00
Amazon Linux AMI : sssd (ALAS-2018-1127)
2019-01-25 00:00:00
suse
suse
Security update for sssd (moderate)
2019-01-14 00:00:00
Security update for sssd (moderate)
2018-08-10 03:11:29
cvelist
cvelist
CVE-2018-10852
2018-06-26 14:00:00
redhat
redhat
(RHSA-2018:3158) Low: sssd security, bug fix, and enhancement update
2018-10-30 04:24:36
amazon
amazon
Low: sssd
2019-01-22 18:00:00
Low: sssd
2018-12-13 20:15:00
centos
centos
libipa_hbac, libsss_autofs, libsss_certmap, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, libsss_sudo, python, sssd security update
2018-11-15 18:52:44
osv
osv
sssd - security update
2018-07-16 00:00:00
sssd vulnerabilities
2021-09-08 11:40:23
nvd
nvd
CVE-2018-10852
2018-06-26 14:29:02
prion
prion
Code injection
2018-06-26 14:29:00
cve
cve
CVE-2018-10852
2018-06-26 14:29:02
veracode
veracode
Information Disclosure
2019-01-15 09:26:43
debian
debian
[SECURITY] [DLA 1429-1] sssd security update
2018-07-16 10:09:58
mageia
mageia
Updated sssd packages fix security vulnerability
2018-08-24 02:35:07
oraclelinux
oraclelinux
sssd security, bug fix, and enhancement update
2018-11-05 00:00:00
redhatcve
redhatcve
CVE-2018-10852
2018-06-26 03:18:41
ubuntucve
ubuntucve
CVE-2018-10852
2018-06-26 00:00:00
debiancve
debiancve
CVE-2018-10852
2018-06-26 14:29:02
ubuntu
ubuntu
SSSD vulnerabilities
2021-09-08 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON
Related for REDHAT-RHSA-2018-3158.NASL
openvas12nessus22suse2cvelist1redhat1amazon2centos1osv2nvd1prion1cve1veracode1debian1mageia1oraclelinux1redhatcve1ubuntucve1debiancve1ubuntu1