CVE-2013-7042

SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
novellsuse_lifecycle_management_server
𝑥
≤ 1.3
novellsuse_lifecycle_management_server
1.0
novellsuse_lifecycle_management_server
1.1
novellsuse_lifecycle_management_server
1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/100652
https://bugzilla.novell.com/show_bug.cgi?id=852101
https://exchange.xforce.ibmcloud.com/vulnerabilities/89897
https://www.suse.com/support/update/announcement/2013/suse-su-20131813-1.html
http://osvdb.org/100652
https://bugzilla.novell.com/show_bug.cgi?id=852101
https://exchange.xforce.ibmcloud.com/vulnerabilities/89897
https://www.suse.com/support/update/announcement/2013/suse-su-20131813-1.html