Lucene search
RedhatCVE-2013-4157HistoryOct 04, 2013 - 5:55 p.m.
CVE-2013-4157
2013-10-0417:55:09
CWE-59
redhat
web.nvd.nist.gov
28
red hat storage 2.0
local users
symlink attack
arbitrary files
nvd
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0
Percentile
5.1%
Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp.
Affected configurations
Node
redhatstorage_serverMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | storage_server | 2.0 | cpe:2.3:a:redhat:storage_server:2.0:*:*:*:*:*:*:* |
Related
veracode
veracode
Arbitrary File Overwrite
2019-01-15 08:58:33
nessus
nessus
RHEL 6 : Storage Server (RHSA-2013:1205)
2014-11-08 00:00:00
prion
prion
Code injection
2013-10-04 17:55:00
redhat
redhat
cvelist
cvelist
CVE-2013-4157
2013-10-04 17:00:00
nvd
nvd
CVE-2013-4157
2013-10-04 17:55:09
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2013-4157