1.9

CVE-2014-0135

Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TheforemanKafo Version <= 0.3.16
TheforemanKafo Version0.0.1
TheforemanKafo Version0.0.2
TheforemanKafo Version0.0.3
TheforemanKafo Version0.0.4
TheforemanKafo Version0.0.5
TheforemanKafo Version0.0.6
TheforemanKafo Version0.0.7
TheforemanKafo Version0.0.8
TheforemanKafo Version0.0.9
TheforemanKafo Version0.0.10
TheforemanKafo Version0.0.11
TheforemanKafo Version0.0.12
TheforemanKafo Version0.0.13
TheforemanKafo Version0.0.14
TheforemanKafo Version0.0.15
TheforemanKafo Version0.0.16
TheforemanKafo Version0.0.17
TheforemanKafo Version0.1.0
TheforemanKafo Version0.2.0
TheforemanKafo Version0.2.1
TheforemanKafo Version0.2.2
TheforemanKafo Version0.3.0
TheforemanKafo Version0.3.1
TheforemanKafo Version0.3.2
TheforemanKafo Version0.3.3
TheforemanKafo Version0.3.4
TheforemanKafo Version0.3.5
TheforemanKafo Version0.3.6
TheforemanKafo Version0.3.7
TheforemanKafo Version0.3.8
TheforemanKafo Version0.3.9
TheforemanKafo Version0.3.10
TheforemanKafo Version0.3.11
TheforemanKafo Version0.3.12
TheforemanKafo Version0.3.13
TheforemanKafo Version0.3.14
TheforemanKafo Version0.3.15
TheforemanKafo Version0.4.0
TheforemanKafo Version0.5.0
TheforemanKafo Version0.5.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.096
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:P/I:N/A:N