CVE-2012-0949

EPSS 0.47%
Veröffentlicht 31.05.2012 17:55:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle security@ubuntu.com
CVE-Watchlists
Login
Unerledigt
Login

The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Canonical ≫ Ubuntu Linux Version11.04

Canonical ≫ Ubuntu Linux Version11.10

Canonical ≫ Ubuntu Linux Version12.04 Update- Editionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.47%	0.617

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://osvdb.org/82020

http://secunia.com/advisories/49230

Vendor Advisory

http://www.securityfocus.com/bid/53605

http://www.ubuntu.com/usn/USN-1443-1

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/75728

https://nvd.nist.gov/vuln/detail/CVE-2012-0949

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-0949

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-0949

EUVD