1 results (0.000 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14178
https://notcve.org/view.php?id=CVE-2017-14178
In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions. En snapd 2.27 hasta la versión 2.29.2, el comando "snap logs" podría llamar a journalctl sin argumentos match y, por lo tanto, permitir que usuarios no autenticados y sin privilegios omitan las restricciones de acceso a systemd-journald. • https://github.com/snapcore/snapd/pull/4194 https://launchpad.net/bugs/1730255 https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-14178.html • CWE-755: Improper Handling of Exceptional Conditions •