CVE-2015-1870

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:automatic_bug_reporting_tool:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-06-26 15:29

Updated : 2024-02-04 19:29


NVD link : CVE-2015-1870

Mitre link : CVE-2015-1870

CVE.ORG link : CVE-2015-1870


JSON object : View

Products Affected

redhat

  • automatic_bug_reporting_tool
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor