CVE-2014-9770
published 2016-04-20CVE-2014-9770: tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows…
low3.3CVSS 3.0
AVLACLPRLUINSUCLINAN
tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | systemd | < systemd 215-1 (bookworm) | systemd 215-1 (bookworm) |
| opensuse | opensuse | — | — |
| systemd_project | systemd | >= 0 < 215-1 | 215-1 |
| systemd_project | systemd | >= 0 < 215-1 | 215-1 |
| systemd_project | systemd | >= 0 < 215-1 | 215-1 |
| systemd_project | systemd | >= 0 < 215-1 | 215-1 |
CVSS provenance
nvdv3.03.3LOWCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv3.3LOW