Lucene search
Veracode Vulnerability DatabaseVERACODE:13210HistoryJan 15, 2019 - 9:27 a.m.
Information Disclosure
2019-01-1509:27:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
0.0004 Low
EPSS
Percentile
5.1%
sos-collector is vulnerable to information disclosure. Incorrect permissions set on new files created by the sos-collector in /var/tmp directory allows a local attacker to access the files and retrieve confidential information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sos-collector | eq | 1.4__3.el7 | |
| sos-collector | eq | 1.4__3.el7 |
References
access.redhat.com/errata/RHSA-2018:3663
access.redhat.com/security/cve/CVE-2018-14650
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1633243
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14650
github.com/sosreport/sos-collector/commit/72058f9253e7ed8c7243e2ff76a16d97b03d65ed
Related
oraclelinux
oraclelinux
sos-collector security update
2018-11-28 00:00:00
nessus
nessus
Fedora 28 : sos-collector (2018-1f3a47bfbb)
2019-01-03 00:00:00
Fedora 27 : sos-collector (2018-f2f8571abd)
2018-11-01 00:00:00
cvelist
cvelist
CVE-2018-14650
2018-09-27 20:00:00
redhat
redhat
(RHSA-2018:3663) Moderate: sos-collector security update
2018-11-26 23:00:57
openvas
openvas
Fedora Update for sos-collector FEDORA-2018-672c028631
2019-05-07 00:00:00
CentOS Update for sos-collector CESA-2018:3663 centos7
2018-12-18 00:00:00
Fedora Update for sos-collector FEDORA-2018-1f3a47bfbb
2018-11-01 00:00:00
nvd
nvd
CVE-2018-14650
2018-09-27 20:29:00
prion
prion
Directory traversal
2018-09-27 20:29:00
centos
centos
sos security update
2018-12-13 20:46:06
fedora
fedora
[SECURITY] Fedora 27 Update: sos-collector-1.5-3.fc27
2018-10-31 15:25:39
[SECURITY] Fedora 28 Update: sos-collector-1.5-3.fc28
2018-10-31 15:52:58
[SECURITY] Fedora 29 Update: sos-collector-1.5-3.fc29
2018-10-30 17:45:34
ubuntucve
ubuntucve
CVE-2018-14650
2018-09-27 00:00:00
osv
osv
CVE-2018-14650
2018-09-27 20:29:00
cve
cve
CVE-2018-14650
2018-09-27 20:29:00
redhatcve
redhatcve
CVE-2018-14650
2018-09-27 13:49:01