CVE-2024-49506

CWE-3773 documents3 sources
Severity
7.3HIGH
EPSS
0.1%
top 75.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Opensuse Tumbleweed
Timeline
PublishedNov 13

Description

Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5opensuse/tumbleweed< 1.0.2+1

🔴Vulnerability Details

2
GHSA
GHSA-w9xp-hq72-9j37: Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption ke2024-11-13
CVEList
Fixed temporary file path in aeon-checks allows fixing of disk encryption key2024-11-13
CVE-2024-49506 (HIGH CVSS 7.3) | Insecure creation of temporary file | cvebase.io