4.6
CVE-2012-3537
- EPSS 0.59%
- Veröffentlicht 05.09.2012 23:55:02
- Zuletzt bearbeitet 16.06.2026 23:43:25
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.59% | 0.435 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
http://osvdb.org/84955
http://secunia.com/advisories/50442
http://www.openwall.com/lists/oss-security/2012/08/27/5
http://www.openwall.com/lists/oss-security/2012/08/27/7
http://www.securityfocus.com/bid/55240
https://bugzilla.novell.com/show_bug.cgi?id=774967
https://exchange.xforce.ibmcloud.com/vulnerabilities/78041
https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8
https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
https://github.com/dellcloudedge/barclamp-deployer/pull/57