CVE-2018-19638 Information

Description

In supportutils before version 3.1-5.7.1 and if pacemaker is installed on the system an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Reference

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html https://bugzilla.suse.com/show_bug.cgi?id=1118460

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

4.7