CVE-2012-5477

EUVD-2012-5395
The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
Affected Products (NVD)
VendorProductVersion
theforemanforeman
𝑥
≤ 1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://projects.theforeman.org/issues/1929
http://theforeman.org/security.html
http://projects.theforeman.org/issues/1929
http://theforeman.org/security.html