5 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-10867
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by...
CVE-2018-10867
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user...
CVE-2018-10867
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user...
CVE-2018-10867
CVE-2018-10867 affects Red Hat redhat-certification 7. The flaw is an access-control error on the /update/results page, allowing a remote attacker to delete any file accessible by the user running httpd (apache). Root cause: insufficient access restriction for update results. Impact: potential da...
CVE-2018-10867
It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. Mitigation If SELinux is enabled, it will restrict the number of files...