GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-06-23T19:04:53
Updated: 2024-08-04T13:00:52.075Z
Reserved: 2020-06-22T00:00:00
Link: CVE-2020-14976
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-06-23T20:15:12.927
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-14976
Redhat
No data.