CVE-2016-4980 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	2.5 LOW	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 33%

Vendor	Product	Version
ethz	xquest	𝑥 ≤ 2016-06-13
redhat	enterprise_linux	6.0
redhat	enterprise_linux	7.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-330 - Use of Insufficiently Random Values
The software uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

References

https://access.redhat.com/security/cve/cve-2016-4980

https://bugzilla.redhat.com/show_bug.cgi?id=1346016

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4980

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVW2QJFNZUZYBN4M4YUE7S2NZBWWMGES/

https://access.redhat.com/security/cve/cve-2016-4980

https://bugzilla.redhat.com/show_bug.cgi?id=1346016

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4980

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVW2QJFNZUZYBN4M4YUE7S2NZBWWMGES/