Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-5302
HistoryDec 07, 2015 - 6:59 p.m.

CVE-2015-5302

2015-12-0718:59:03
CWE-200
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report.

Affected configurations

NVD
Node
redhatlibreportMatch2.0.8
OR
redhatlibreportMatch2.0.9
OR
redhatlibreportMatch2.0.10
OR
redhatlibreportMatch2.0.14
OR
redhatlibreportMatch2.0.16
OR
redhatlibreportMatch2.0.19
OR
redhatlibreportMatch2.0.20
OR
redhatlibreportMatch2.1.0
OR
redhatlibreportMatch2.1.1
OR
redhatlibreportMatch2.1.2
OR
redhatlibreportMatch2.1.3
OR
redhatlibreportMatch2.1.4
OR
redhatlibreportMatch2.1.5
OR
redhatlibreportMatch2.1.6
OR
redhatlibreportMatch2.1.7
OR
redhatlibreportMatch2.1.8
OR
redhatlibreportMatch2.1.9
OR
redhatlibreportMatch2.1.10
OR
redhatlibreportMatch2.1.11
OR
redhatlibreportMatch2.2.2
OR
redhatlibreportMatch2.2.3
OR
redhatlibreportMatch2.3.0
OR
redhatlibreportMatch2.5.1
OR
redhatlibreportMatch2.6.2

Related

openvas 7
veracode 2
nessus 11
fedora 6
cvelist 1
cve 1
oraclelinux 2
redhat 2
centos 2
prion 1
openvas
openvas
CentOS Update for libreport CESA-2015:2504 centos6
2015-12-03 00:00:00
Fedora Update for abrt FEDORA-2015-6542
2015-11-26 00:00:00
RedHat Update for libreport RHSA-2015:2504-01
2015-11-24 00:00:00
veracode
veracode
Information Disclosure
2018-08-08 02:38:15
Information Disclosure
2019-01-15 09:08:41
nessus
nessus
RHEL 6 : libreport (RHSA-2015:2504)
2015-11-24 00:00:00
Scientific Linux Security Update : libreport on SL6.x i386/x86_64 (20151123)
2015-11-25 00:00:00
Fedora 23 : abrt-2.7.0-2.fc23 / libreport-2.6.3-1.fc23 (2015-cc585b503f)
2016-03-04 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: abrt-2.7.0-2.fc23
2015-10-31 16:10:36
[SECURITY] Fedora 23 Update: libreport-2.6.3-1.fc23
2015-10-31 16:10:36
[SECURITY] Fedora 21 Update: libreport-2.3.0-10.fc21
2015-11-26 04:58:18
cvelist
cvelist
CVE-2015-5302
2015-12-07 18:00:00
cve
cve
CVE-2015-5302
2015-12-07 18:59:03
oraclelinux
oraclelinux
libreport security update
2015-11-23 00:00:00
abrt and libreport security update
2015-11-25 00:00:00
redhat
redhat
(RHSA-2015:2504) Moderate: libreport security update
2015-11-23 00:00:00
(RHSA-2015:2505) Moderate: abrt and libreport security update
2015-11-23 10:17:59
centos
centos
libreport security update
2015-12-02 13:52:30
abrt, libreport security update
2015-12-01 18:46:19
prion
prion
Code injection
2015-12-07 18:59:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.4%

JSON
Related for NVD:CVE-2015-5302
openvas7veracode2nessus11fedora6cvelist1cve1oraclelinux2redhat2centos2prion1