CVSS2

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | MEDIUM |
Authentication | SINGLE |
Confidentiality Impact | PARTIAL |
Integrity Impact | NONE |
Availability Impact | NONE |

AV:L/AC:M/Au:S/C:P/I:N/A:N

EPSS percentile: 26.5%

The web interface in CUPS 1.7.4 allows local users in the lp group to read
arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and
language[0] set to null. NOTE: this vulnerability exists because of an
incomplete fix for CVE-2014-3537.
Author | Note |
---|---|
mdeslaur | The patch below introduces a regression preventing the web interface from being able to read log files. (See comments in bug 4455.) |