CVE-2013-4209

CWE-200 — Information Exposure6 documents5 sources
Severity
3.3LOW
EPSS
0.0%
top 87.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Automatic BUG Reporting Tool
Timeline
PublishedMay 1
Latest updateMay 14

Description

Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-pcf3-q2c7-v458: Automatic Bug Reporting Tool (ABRT) before 2↗2022-05-14
â–¶
CVEList
CVE-2013-4209: Automatic Bug Reporting Tool (ABRT) before 2↗2018-05-01
â–¶

📋Vendor Advisories

1
Red Hat
ABRT: (substantially) limited leak of unauthorized information↗2013-09-06
â–¶

💬Community

2
Bugzilla
libqb: privileged IPC client naively prone to truncating/deleting semi-arbitrary files even if otherwise protected from an unprivileged IPC server↗2019-05-29
â–¶
Bugzilla
CVE-2013-4209 ABRT: (substantially) limited leak of unauthorized information↗2013-08-02
â–¶
CVE-2013-4209 (LOW CVSS 3.3) | Automatic Bug Reporting Tool (ABRT) | cvebase.io