Filtered by vendor Sos-collector Project Subscriptions
Filtered by product Sos-collector Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-14650 2 Redhat, Sos-collector Project 7 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Server and 4 more 2024-11-21 N/A
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory.