CVE-2015-1870

low-risk
Published 2017-06-26

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.

Do I need to act?

-
0.10% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Automatic Bug Reporting Tool

Affected Vendors

Redhat

References (14)

Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1083.html
http://rhn.redhat.com/errata/RHSA-2015-1210.html
Third Party Advisory http://www.securityfocus.com/bid/75119
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1212868
Patch https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1
Patch https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c
Patch https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c...
Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-1083.html
http://rhn.redhat.com/errata/RHSA-2015-1210.html
Third Party Advisory http://www.securityfocus.com/bid/75119
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1212868
Patch https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1
Patch https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c
Patch https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c...
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal