CVE-2014-7301

Sažetak

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw.

Reference

https://labs.f-secure.com/advisories/sgi-tempo-system-database-password-exposure/
https://packetstormsecurity.com/files/129466/SGI-Tempo-Database-Password-Disclosure.html

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

04-02-2020 - 14:24

Objavljeno

27-01-2020 - 18:15