{"containers": {"cna": {"affected": [{"product": "rhnsd", "vendor": "Red Hat, Inc.", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-08-11T00:00:00", "descriptions": [{"lang": "en", "value": "It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-377", "description": "CWE-377", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-09-13T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480550"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:04:12.054Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480550"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7560", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2024-08-05T16:04:12.054Z", "state": "PUBLISHED", "datePublished": "2017-09-13T17:00:00Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:rhnsd:-:*:*:*:*:*:*:*", "matchCriteriaId": "43D0350E-D828-4DD9-AEFD-29F6FFDD276D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes."}, {"lang": "es", "value": "Se ha descubierto que los archivos PID de rhnsd se crean de modo que cualquier usuario pueda modificarlos, lo que permite que atacantes locales llenen los discos o terminen procesos seleccionados."}], "id": "CVE-2017-7560", "lastModified": "2019-10-09T23:29:46.547", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-09-13T17:29:00.930", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory", "VDB Entry"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480550"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-377"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"bugzilla": {"description": "rhnsd: World-writable PID files", "id": "1480550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480550"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-377", "details": ["It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes."], "name": "CVE-2017-7560", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "rhnsd", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "rhnsd", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "rhnsd", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2017-08-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-7560\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-7560"], "statement": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}