| |
Vulnerability CVE-2021-36781
Published: 2022-01-14
| Description: |
A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows local attackers to imitate the service leading to DoS or clients talking to an imposter service. This issue affects: openSUSE Factory parsec versions prior to 0.8.1-1.1. |
Type:
CWE-276 (Incorrect Default Permissions)
CVSS2 => (AV:L/AC:L/Au:N/C:N/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.6/10 |
4.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
Partial |
References: |
https://bugzilla.suse.com/show_bug.cgi?id=1193484
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
