CVE-2014-7303

Sažetak

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db.

Reference

https://labs.f-secure.com/advisories/sgi-tempo-system-database-exposure/
https://packetstormsecurity.com/files/129467/SGI-Tempo-Database-Exposure.html

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

04-02-2020 - 14:24

Objavljeno

27-01-2020 - 18:15