6.5 Medium
AI Score
Confidence
Low
1.2 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.4%
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cups/client.conf.
CPE | Name | Operator | Version |
---|---|---|---|
cups | eq | 1.7.1 b1 | |
cups | eq | 1.7 rc1 | |
cups | le | 1.7.0 | |
ubuntu_linux | eq | 13.04 | |
ubuntu_linux | eq | 13.10 | |
ubuntu_linux | eq | 12.10 |