CVE-2013-0261

A flaw was found in PackStack. A local user could exploit a symlink attack on a temporary file with a predictable name in the `/tmp` directory. This vulnerability allows the local user to overwrite arbitrary files on the system, potentially leading to system compromise or data corruption.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Affected Products (NVD)
VendorProductVersion
openstackessex
-
openstackfolsom
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2013-0595.html
https://access.redhat.com/security/cve/CVE-2013-0261
https://bugzilla.redhat.com/show_bug.cgi?id=908101
http://rhn.redhat.com/errata/RHSA-2013-0595.html
https://bugzilla.redhat.com/show_bug.cgi?id=908101