Home

CVE-2015-3243

Description

rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.134

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Desktop 12-SP3 ) rsyslog-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Desktop 12-SP3 ) rsyslog-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Desktop 12-SP3 ) rsyslog-debugsource-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-diag-tools-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-diag-tools-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-doc-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-gssapi-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-gssapi-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-gtls-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-gtls-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-mysql-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-mysql-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-pgsql-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-pgsql-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-relp-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-relp-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-snmp-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-snmp-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-udpspoof-8.24.0-3.3.1.x86_64.rpmLinux
SUSE-SU-2018:2038-1(SUSE Linux Enterprise Server 12-SP3 ) rsyslog-module-udpspoof-debuginfo-8.24.0-3.3.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234