redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-05T07:46:47.511Z

Reserved: 2018-05-09T00:00:00

Link: CVE-2018-10870

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-19T22:29:00.293

Modified: 2024-11-21T03:42:11.087

Link: CVE-2018-10870

cve-icon Redhat

Severity : Critical

Publid Date: 2018-07-18T00:00:00Z

Links: CVE-2018-10870 - Bugzilla

cve-icon OpenCVE Enrichment

No data.