Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2018-10867

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by...

9.1CVSS6.9AI score0.01069EPSS
Exploits0References1
OSV
OSV
added 2021/05/26 7:15 p.m.5 views

CVE-2018-10867

Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user...

9.1CVSS5.8AI score0.01069EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/05/26 6:3 p.m.25 views

CVE-2018-10867

Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user...

9.2AI score0.01069EPSS
Exploits0References2
CVE
CVE
added 2021/05/26 6:3 p.m.56 views

CVE-2018-10867

CVE-2018-10867 affects Red Hat redhat-certification 7. The flaw is an access-control error on the /update/results page, allowing a remote attacker to delete any file accessible by the user running httpd (apache). Root cause: insufficient access restriction for update results. Impact: potential da...

9.1CVSS9.1AI score0.01069EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2018/06/22 9:19 a.m.36 views

CVE-2018-10867

It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. Mitigation If SELinux is enabled, it will restrict the number of files...

9.1CVSS2.1AI score0.01069EPSS
Exploits0References1
Rows per page
Query Builder