Lucene search

K
prionPRIOn knowledge basePRION:CVE-2018-16883
HistoryDec 19, 2018 - 2:29 p.m.

Design/Logic Flaw

2018-12-1914:29:00
PRIOn knowledge base
www.prio-n.com
7

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the “allowed_uids” configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.

CPENameOperatorVersion
sssdge1.13.0
sssdlt2.0.0

5.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%