2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
3.1 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
A vulnerability, which was classified as problematic, was found in KDE
Plasma Workspace up to 5.93.0. This affects the function
EventPluginsManager::enabledPlugins of the file
components/calendar/eventpluginsmanager.cpp of the component Theme File
Handler. The manipulation of the argument pluginId leads to path traversal.
It is possible to initiate the attack remotely. The complexity of an attack
is rather high. The exploitability is told to be difficult. The patch is
named 6cdf42916369ebf4ad5bd876c4dfa0170d7b2f01. It is recommended to apply
a patch to fix this issue. The associated identifier of this vulnerability
is VDB-253407. NOTE: This requires write access to user’s home or the
installation of third party global themes.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | plasma-workspace | < any | UNKNOWN |
ubuntu | 20.04 | noarch | plasma-workspace | < any | UNKNOWN |
ubuntu | 22.04 | noarch | plasma-workspace | < any | UNKNOWN |
ubuntu | 23.10 | noarch | plasma-workspace | < any | UNKNOWN |
ubuntu | 24.04 | noarch | plasma-workspace | < any | UNKNOWN |
ubuntu | 16.04 | noarch | plasma-workspace | < any | UNKNOWN |
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
3.1 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%