CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2806 – ovirt-log-collector: RHVM admin password is logged unfiltered
https://notcve.org/view.php?id=CVE-2022-2806
It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev Se ha detectado que ovirt-log-collector/sosreport recoge la contraseña de administrador de RHV sin filtrar. Corregido en: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev A flaw was found in the ovirt-log-collector, which led to the logging of plaintext passwords in the log file. This flaw allows an attacker with sufficient privileges to read the log file, leading to a loss of confidentiality. • https://github.com/sosreport/sos/pull/2947 https://access.redhat.com/security/cve/CVE-2022-2806 https://bugzilla.redhat.com/show_bug.cgi?id=2080005 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 1CVE-2018-14650 – sos-collector: incorrect permissions set on newly created files
https://notcve.org/view.php?id=CVE-2018-14650
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory. Se ha descubierto que sos-collector no establece correctamente los permisos por defecto de los nuevos archivos creados, haciendo que todos los archivos creados por la herramienta puedan ser leídos por cualquier usuario local. Un atacante local podría utilizar este error esperando a que un usuario legítimo ejecute sos-collector y robe los datos recopilados en el directorio /var/tmp. • https://access.redhat.com/errata/RHSA-2018:3663 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14650 https://github.com/sosreport/sos-collector/commit/72058f9253e7ed8c7243e2ff76a16d97b03d65ed https://access.redhat.com/security/cve/CVE-2018-14650 https://bugzilla.redhat.com/show_bug.cgi?id=1633243 • CWE-276: Incorrect Default Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3171
https://notcve.org/view.php?id=CVE-2015-3171
sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive. sosreport versión 3.2, utiliza permisos débiles para los archivos de sosreport generados, lo que permite a los usuarios locales con acceso a /var/tmp/ obtener información confidencial mediante la lectura del contenido del archivo. • https://bugzilla.redhat.com/show_bug.cgi?id=1218658 https://github.com/sosreport/sos/commit/d7759d3ddae5fe99a340c88a1d370d65cfa73fd6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2015-7529 – sos: Usage of predictable temporary files allows privilege escalation
https://notcve.org/view.php?id=CVE-2015-7529
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date. sosreport en las versiones 3.x de SoS permite que usuarios locales ibtengan información sensible de archivos sosreport u obtener privilegios mediante un ataque de vínculo simbólico o un archivo de archivado en un directorio temporal. Esto lo demuestra sosreport-$hostname-$date.tar en /tmp/sosreport-$hostname-$date. An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the system. • http://rhn.redhat.com/errata/RHSA-2016-0152.html http://rhn.redhat.com/errata/RHSA-2016-0188.html http://www.securityfocus.com/bid/83162 http://www.ubuntu.com/usn/USN-2845-1 https://access.redhat.com/errata/RHSA-2016:0152 https://access.redhat.com/errata/RHSA-2016:0188 https://bugzilla.redhat.com/show_bug.cgi?id=1282542 https://github.com/sosreport/sos/issues/696 https://access.redhat.com/security/cve/CVE-2015-7529 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7436
https://notcve.org/view.php?id=CVE-2014-7436
The SOS recette (aka com.sos.recette) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación para SOS recette (también conocida como com.sos.recette ) 1.0 no verifica los certificados X.509 de los servidores SSL, lo que permite a atacantes man-in-the-middle suplantar servidores y obtener información sensible a través de un certificado manipulado. • http://www.kb.cert.org/vuls/id/247745 http://www.kb.cert.org/vuls/id/582497 https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing • CWE-310: Cryptographic Issues •