CVE-2012-5477

The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
VendorProductVersion
theforemanforeman
𝑥
≤ 1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://projects.theforeman.org/issues/1929
http://theforeman.org/security.html
http://projects.theforeman.org/issues/1929
http://theforeman.org/security.html