CVE-2018-17955
2.2
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
Summary
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to overwrite files on systems without symlink protection
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SUSE | yast2-multipath | unspecified < 4.1.1 | affected |
Weaknesses
- CWE-377: CWE-377
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.