Lucene search
PRIOn knowledge basePRION:CVE-2015-1415HistoryApr 10, 2015 - 3:00 p.m.
Design/Logic Flaw
2015-04-1015:00:00
PRIOn knowledge base
www.prio-n.com
6.2 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.4%
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.
Related
securityvulns
securityvulns
FreeBSD weak permissions
2015-04-08 00:00:00
FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415)
2015-04-08 00:00:00
FreeBSD Security Advisory FreeBSD-SA-15:08.bsdinstall
2015-04-08 00:00:00
freebsd
freebsd
FreeBSD -- Insecure default GELI keyfile permissions
2015-04-07 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:08.bsdinstall
2015-04-07 00:00:00
cve
cve
CVE-2015-1415
2015-04-10 15:00:00
packetstorm
packetstorm
FreeBSD 10.x ZFS encryption.key Disclosure
2015-04-08 00:00:00
cvelist
cvelist
CVE-2015-1415
2015-04-10 14:00:00
nessus
nessus
6.2 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.4%
Related for PRION:CVE-2015-1415