CVE-2014-1425 - Permissions, Privileges, and Access Control vulnerability in multiple products

Summary

cmanager 0.32 does not properly enforce nesting when modifying cgroup properties, which allows local users to set cgroup values for all cgroups via unspecified vectors.

Classification

CWE-264 - Permissions, Privileges, and Access Control

Risk level (CVSS 2.1)

Low

2.1

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None