← volver
CVE-2019-3694

Local privilege escalation from munin to root in the packaging of munin

CVSS 7.7 HIGHEPSS 0.4%CWE-59
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Productos afectados
openSUSE · FactoryopenSUSE · Leap 15.1

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.suse.com/show_bug.cgi?id=1155078