CVE-2012-3449
published 2012-08-07CVE-2012-3449: Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/…
low3.6CVSS 3.1
AVLACLAuNCNIPAP
Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openvswitch | < openvswitch 1.4.2+git20120612-8 (bookworm) | openvswitch 1.4.2+git20120612-8 (bookworm) |
| openvswitch | openvswitch | — | — |
| openvswitch | openvswitch | >= 0 < 1.4.2+git20120612-8 | 1.4.2+git20120612-8 |
| openvswitch | openvswitch | >= 0 < 1.4.2+git20120612-8 | 1.4.2+git20120612-8 |
| openvswitch | openvswitch | >= 0 < 1.4.2+git20120612-8 | 1.4.2+git20120612-8 |
| openvswitch | openvswitch | >= 0 < 1.4.2+git20120612-8 | 1.4.2+git20120612-8 |
CVSS provenance
nvd3.6LOWAV:L/AC:L/Au:N/C:N/I:P/A:P
osv3.6LOW