CVE-2018-19638

LOW

Supportutils <3.1-5.7.1 - Privilege Escalation

Title source: llm

Description

In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files.

References (2)

[Issue Tracking] https://bugzilla.suse.com/show_bug.cgi?id=1118460

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00018.html

Scores

CVSS v3 2.2

EPSS 0.0004

EPSS Percentile 12.7%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-377 CWE-59

Status published

Products (1)

opensuse/supportutils < 3.1-5.7.1

Published Mar 05, 2019

Tracked Since Feb 18, 2026