CVE-2015-1870 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 27%

Affected Products (NVD)

Vendor	Product	Version
redhat	automatic_bug_reporting_tool	𝑥 ≤ 2.1.11

𝑥

= Vulnerable software versions

Red Hat Enterprise Linux Releases

Red Hat Product

Release

abrt

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-addon-ccpp

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-addon-kerneloops

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-addon-pstoreoops

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-addon-python

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-addon-upload-watch

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-addon-vmcore

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-addon-xorg

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-cli

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-console-notification

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-dbus

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-desktop

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-devel

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-gui

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-gui-devel

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-gui-libs

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-libs

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-python

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

abrt-python-doc

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-retrace-client

RHEL 7

0:2.1.11-22.el7_1

fixed

abrt-tui

RHEL 6	0:2.0.8-26.el6_6.1 fixed
RHEL 7	0:2.1.11-22.el7_1 fixed

libreport

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-anaconda

RHEL 7

0:2.1.11-23.el7_1

fixed

libreport-cli

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-compat

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-devel

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-filesystem

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-gtk

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-gtk-devel

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-newt

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-plugin-bugzilla

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-plugin-kerneloops

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-plugin-logger

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-plugin-mailx

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-plugin-reportuploader

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-plugin-rhtsupport

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-plugin-ureport

RHEL 7

0:2.1.11-23.el7_1

fixed

libreport-python

RHEL 6	0:2.0.9-21.el6_6.1 fixed
RHEL 7	0:2.1.11-23.el7_1 fixed

libreport-rhel

RHEL 7

0:2.1.11-23.el7_1

fixed

libreport-rhel-anaconda-bugzilla

RHEL 7

0:2.1.11-23.el7_1

fixed

libreport-rhel-bugzilla

RHEL 7

0:2.1.11-23.el7_1

fixed

libreport-web

RHEL 7

0:2.1.11-23.el7_1

fixed

libreport-web-devel

RHEL 7

0:2.1.11-23.el7_1

fixed

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://rhn.redhat.com/errata/RHSA-2015-1083.html

http://rhn.redhat.com/errata/RHSA-2015-1210.html

http://www.securityfocus.com/bid/75119

https://bugzilla.redhat.com/show_bug.cgi?id=1212868

https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1

https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c

https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c5

http://rhn.redhat.com/errata/RHSA-2015-1083.html

http://rhn.redhat.com/errata/RHSA-2015-1210.html

http://www.securityfocus.com/bid/75119

https://bugzilla.redhat.com/show_bug.cgi?id=1212868

https://github.com/abrt/abrt/commit/7d023c32a565e83306cddf34c894477b7aaf33d1

https://github.com/abrt/abrt/commit/8939398b82006ba1fec4ed491339fc075f43fc7c

https://github.com/abrt/libreport/commit/c962918bc70a61a8cc647898ee8b1ff1c14a87c5