Filtered by vendor Sos Project
Subscriptions
Filtered by product Sos
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-2806 | 3 Ovirt, Redhat, Sos Project | 3 Log Collector, Rhev Manager, Sos | 2024-11-21 | 5.5 Medium |
It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev | ||||
CVE-2015-7529 | 3 Canonical, Redhat, Sos Project | 9 Ubuntu Linux, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2024-11-21 | 7.8 High |
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date. | ||||
CVE-2015-3171 | 1 Sos Project | 1 Sos | 2024-11-21 | 5.5 Medium |
sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive. |
Page 1 of 1.