CVE-2016-4455
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-4455
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4455.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-4455
- Related
- Published
- 2017-04-14T18:59:00Z
- Modified
- 2024-05-23T00:57:03.764994Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories.
- References
-
- http://rhn.redhat.com/errata/RHSA-2016-2592.html
- http://rhn.redhat.com/errata/RHSA-2017-0698.html
- http://www.securityfocus.com/bid/93926
- http://www.securitytracker.com/id/1038083
- https://bugzilla.redhat.com/show_bug.cgi?id=1340525
- http://www.openwall.com/lists/oss-security/2016/10/26/5
- https://github.com/candlepin/subscription-manager/commit/9dec31
- https://github.com/candlepin/subscription-manager/blob/subscription-manager-1.17.7-1/subscription-manager.spec
Affected packages
Git / github.com/candlepin/subscription-manager
Affected versions
subscription-manager-0.*
subscription-manager-0.96.2-1
subscription-manager-0.96.3-1
subscription-manager-0.96.4-1
subscription-manager-0.96.5-1
subscription-manager-0.96.6-1
subscription-manager-0.96.7-1
subscription-manager-0.96.8-1
subscription-manager-0.96.9-1
subscription-manager-0.97.1-1
subscription-manager-0.97.2-1
subscription-manager-0.98.2-1
subscription-manager-0.98.3-1
subscription-manager-0.98.4-1
subscription-manager-0.98.5-1
subscription-manager-0.98.6-1
subscription-manager-0.98.7-1
subscription-manager-0.98.8-1
subscription-manager-0.99.10-1
subscription-manager-0.99.11-1
subscription-manager-0.99.12-1
subscription-manager-0.99.13-1
subscription-manager-0.99.2-1
subscription-manager-0.99.3-1
subscription-manager-0.99.4-1
subscription-manager-0.99.5-1
subscription-manager-0.99.6-1
subscription-manager-0.99.7-1
subscription-manager-0.99.8-1
subscription-manager-0.99.9-1
subscription-manager-1.*
subscription-manager-1.0.1-1
subscription-manager-1.0.10-1
subscription-manager-1.0.11-1
subscription-manager-1.0.12-1
subscription-manager-1.0.13-1
subscription-manager-1.0.14-1
subscription-manager-1.0.15-1
subscription-manager-1.0.16-1
subscription-manager-1.0.17-1
subscription-manager-1.0.2-1
subscription-manager-1.0.3-1
subscription-manager-1.0.4-1
subscription-manager-1.0.5-1
subscription-manager-1.0.6-1
subscription-manager-1.0.7-1
subscription-manager-1.0.8-1
subscription-manager-1.0.9-1
subscription-manager-1.1.1-1
subscription-manager-1.1.10-1
subscription-manager-1.1.2-1
subscription-manager-1.1.3-1
subscription-manager-1.1.4-1
subscription-manager-1.1.5-1
subscription-manager-1.1.6-1
subscription-manager-1.1.7-1
subscription-manager-1.1.8-1
subscription-manager-1.1.9-1
subscription-manager-1.10.1-1
subscription-manager-1.10.10-1
subscription-manager-1.10.11-1
subscription-manager-1.10.12-1
subscription-manager-1.10.13-1
subscription-manager-1.10.14-1
subscription-manager-1.10.2-1
subscription-manager-1.10.3-1
subscription-manager-1.10.4-1
subscription-manager-1.10.5-1
subscription-manager-1.10.6-1
subscription-manager-1.10.7-1
subscription-manager-1.10.8-1
subscription-manager-1.10.9-1
subscription-manager-1.11.1-1
subscription-manager-1.11.2-1
subscription-manager-1.11.3-1
subscription-manager-1.11.4-1
subscription-manager-1.11.5-1
subscription-manager-1.11.6-1
subscription-manager-1.11.7-1
subscription-manager-1.12.1-1
subscription-manager-1.12.10-1
subscription-manager-1.12.11-1
subscription-manager-1.12.12-1
subscription-manager-1.12.13-1
subscription-manager-1.12.14-1
subscription-manager-1.12.2-1
subscription-manager-1.12.3-1
subscription-manager-1.12.4-1
subscription-manager-1.12.5-1
subscription-manager-1.12.6-1
subscription-manager-1.12.7-1
subscription-manager-1.12.8-1
subscription-manager-1.12.9-1
subscription-manager-1.13.1-1
subscription-manager-1.13.10-1
subscription-manager-1.13.11-1
subscription-manager-1.13.12-1
subscription-manager-1.13.13-1
subscription-manager-1.13.2-1
subscription-manager-1.13.3-1
subscription-manager-1.13.4-1
subscription-manager-1.13.5-1
subscription-manager-1.13.6-1
subscription-manager-1.13.7-1
subscription-manager-1.13.8-1
subscription-manager-1.13.9-1
subscription-manager-1.14.1-1
subscription-manager-1.14.2-1
subscription-manager-1.14.3-1
subscription-manager-1.14.4-1
subscription-manager-1.14.5-1
subscription-manager-1.14.6-1
subscription-manager-1.14.7-1
subscription-manager-1.14.8-1
subscription-manager-1.14.9-1
subscription-manager-1.15.1-1
subscription-manager-1.15.2-1
subscription-manager-1.15.3-1
subscription-manager-1.15.4-1
subscription-manager-1.15.5-1
subscription-manager-1.15.6-1
subscription-manager-1.15.7-1
subscription-manager-1.16.0-1
subscription-manager-1.16.1-1
subscription-manager-1.16.2-1
subscription-manager-1.16.3-1
subscription-manager-1.16.4-1
subscription-manager-1.16.5-1
subscription-manager-1.16.6-1
subscription-manager-1.16.7-1
subscription-manager-1.16.8-1
subscription-manager-1.17.1-1
subscription-manager-1.17.2-1
subscription-manager-1.17.3-1
subscription-manager-1.17.4-1
subscription-manager-1.17.5-1
subscription-manager-1.17.6-1
subscription-manager-1.8.0-1
subscription-manager-1.8.1-1
subscription-manager-1.8.10-1
subscription-manager-1.8.11-1
subscription-manager-1.8.12-1
subscription-manager-1.8.13-1
subscription-manager-1.8.2-1
subscription-manager-1.8.3-1
subscription-manager-1.8.4-1
subscription-manager-1.8.5-1
subscription-manager-1.8.6-1
subscription-manager-1.8.7-1
subscription-manager-1.8.8-1
subscription-manager-1.8.9-1
subscription-manager-1.9.1-1
subscription-manager-1.9.2-1