Vulnerabilities > CVE-2023-49346 - Exposure of Resource to Wrong Sphere vulnerability in Ubuntubudgie Budgie Extras

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
ubuntubudgie
CWE-668

Summary

Temporary data passed between application components by Budgie Extras WeatherShow applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false information to users or deny access to the application and panel.

Common Weakness Enumeration (CWE)