Lucene search

[email protected]NVD:CVE-2014-0135

HistoryMay 08, 2014 - 2:29 p.m.

CVE-2014-0135

2014-05-0814:29:13

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file.

Affected configurations

Nvd

Node

theforemankafoRange≤0.3.16

theforemankafoMatch0.0.1

theforemankafoMatch0.0.2

theforemankafoMatch0.0.3

theforemankafoMatch0.0.4

theforemankafoMatch0.0.5

theforemankafoMatch0.0.6

theforemankafoMatch0.0.7

theforemankafoMatch0.0.8

theforemankafoMatch0.0.9

theforemankafoMatch0.0.10

theforemankafoMatch0.0.11

theforemankafoMatch0.0.12

theforemankafoMatch0.0.13

theforemankafoMatch0.0.14

theforemankafoMatch0.0.15

theforemankafoMatch0.0.16

theforemankafoMatch0.0.17

theforemankafoMatch0.1.0

theforemankafoMatch0.2.0

theforemankafoMatch0.2.1

theforemankafoMatch0.2.2

theforemankafoMatch0.3.0

theforemankafoMatch0.3.1

theforemankafoMatch0.3.2

theforemankafoMatch0.3.3

theforemankafoMatch0.3.4

theforemankafoMatch0.3.5

theforemankafoMatch0.3.6

theforemankafoMatch0.3.7

theforemankafoMatch0.3.8

theforemankafoMatch0.3.9

theforemankafoMatch0.3.10

theforemankafoMatch0.3.11

theforemankafoMatch0.3.12

theforemankafoMatch0.3.13

theforemankafoMatch0.3.14

theforemankafoMatch0.3.15

theforemankafoMatch0.4.0

theforemankafoMatch0.5.0

theforemankafoMatch0.5.1

VendorProductVersionCPE
theforemankafo*cpe:2.3:a:theforeman:kafo:*:*:*:*:*:*:*:*
theforemankafo0.0.1cpe:2.3:a:theforeman:kafo:0.0.1:*:*:*:*:*:*:*
theforemankafo0.0.2cpe:2.3:a:theforeman:kafo:0.0.2:*:*:*:*:*:*:*
theforemankafo0.0.3cpe:2.3:a:theforeman:kafo:0.0.3:*:*:*:*:*:*:*
theforemankafo0.0.4cpe:2.3:a:theforeman:kafo:0.0.4:*:*:*:*:*:*:*
theforemankafo0.0.5cpe:2.3:a:theforeman:kafo:0.0.5:*:*:*:*:*:*:*
theforemankafo0.0.6cpe:2.3:a:theforeman:kafo:0.0.6:*:*:*:*:*:*:*
theforemankafo0.0.7cpe:2.3:a:theforeman:kafo:0.0.7:*:*:*:*:*:*:*
theforemankafo0.0.8cpe:2.3:a:theforeman:kafo:0.0.8:*:*:*:*:*:*:*
theforemankafo0.0.9cpe:2.3:a:theforeman:kafo:0.0.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
theforeman	kafo	*	cpe:2.3:a:theforeman:kafo::::::::
theforeman	kafo	0.0.1	cpe:2.3:a:theforeman:kafo:0.0.1:::::::*
theforeman	kafo	0.0.2	cpe:2.3:a:theforeman:kafo:0.0.2:::::::*
theforeman	kafo	0.0.3	cpe:2.3:a:theforeman:kafo:0.0.3:::::::*
theforeman	kafo	0.0.4	cpe:2.3:a:theforeman:kafo:0.0.4:::::::*
theforeman	kafo	0.0.5	cpe:2.3:a:theforeman:kafo:0.0.5:::::::*
theforeman	kafo	0.0.6	cpe:2.3:a:theforeman:kafo:0.0.6:::::::*
theforeman	kafo	0.0.7	cpe:2.3:a:theforeman:kafo:0.0.7:::::::*
theforeman	kafo	0.0.8	cpe:2.3:a:theforeman:kafo:0.0.8:::::::*
theforeman	kafo	0.0.9	cpe:2.3:a:theforeman:kafo:0.0.9:::::::*