CVE-2011-3177

EPSS 0.03%
Published 08.09.2017 18:29:00
Last modified 20.04.2025 01:37:25
Source cve@mitre.org
Teams watchlist Login
Open Login

The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Yast ≫ Yast2 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.064

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://bugzilla.suse.com/show_bug.cgi?id=713661

Third Party Advisory

Issue Tracking

https://github.com/yast/yast-core/commit/7fe2e3df308b8b6a901cb2cfd60f398df53219de

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2011-3177

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-3177

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-3177

EUVD