CVE-2016-9595
published 2018-07-27CVE-2016-9595: A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to…
medium5.5CVSS 3.0
AVLACLPRLUINSUCNIHAN
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foreman | katello-debug | — | — |
| redhat | satellite | — | — |
| redhat | satellite_capsule | — | — |
| theforeman | katello | < 3.4.0 | 3.4.0 |