3.7P3Bp153.2.3.1

CVSS 5.3 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

local

low complexity

opensuse

NVD

Published: 2022-09-07

Updated: 2024-11-21

Summary

A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2.3.1. openSUSE Backports SLE-15-SP4 canna versions prior to 3.7p3-bp154.3.3.1. openSUSE Factory was also affected. Instead of fixing the package it was deleted there.

Vulnerable Configurations

Part	Description	Count
Application	Opensuse Opensuse Canna - Opensuse Canna 3.7P3 Opensuse Canna 3.7P3-Bp153.2.3.1 Opensuse Backports SLE 15.0 Opensuse Factory -	6
OS	Suse Suse Linux Enterprise 12.0	1

Summary

Vulnerable Configurations

References