Vulnerabilities (CVE)

Filtered by vendor Sos-collector Project Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14650 2 Redhat, Sos-collector Project 6 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 3 more 2024-11-21 1.9 LOW 5.9 MEDIUM
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory.