CVE-2015-0257
Status: Modified
Last modified:
12-02-2023
Published:
01-05-2015
2.1
SUMMARY CVE-2015-0257
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.
Access CVSS CVE-2015-0257
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | LOCAL | NONE | - | - |
Impact CVSS CVE-2015-0257
Confidentiality | Integrity | Availability |
---|---|---|
PARTIAL | NONE | NONE |
Details CVE-2015-0257
EPSS | 0.00042 |
---|---|
EPSS % | 0.05057 |
References | |
CWE | CWE-264 |
Vulnerable Configurations |
|