CVE-2012-5605 — Incorrect Default Permissions in Redhat Cloudforms
Severity
2.1LOWNVD
EPSS
0.1%
top 75.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 4
Latest updateMay 17
Description
Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.
CVSS vector
AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9
Affected Packages1 packages
🔴Vulnerability Details
2💥Exploits & PoCs
1Exploit-DBâ–¶
D-Link DCS-5605 Network Surveillance - ActiveX Control 'DcsCliCtrl.dll' lstrcpyW Remote Buffer Overflow↗2012-03-28
📋Vendor Advisories
1💬Community
1Bugzillaâ–¶
CVE-2012-5605 CloudForms grinder: /var/lib/pulp/cache/grinder directory is world-writeable↗2012-11-30