CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-4481

Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.8%

CVSS Severity

CVSS v2 Score 1.9

References

http://rhn.redhat.com/errata/RHSA-2013-1603.html
https://bugzilla.redhat.com/show_bug.cgi?id=988998
http://rhn.redhat.com/errata/RHSA-2013-1603.html
https://bugzilla.redhat.com/show_bug.cgi?id=988998

Products affected by CVE-2013-4481

Scientificlinux » Luci » Version: 0.26.0

cpe:2.3:a:scientificlinux:luci:0.26.0
Redhat » Enterprise Linux » Version: 6.0

cpe:2.3:o:redhat:enterprise_linux:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-4481

Products

Pricing

Contact Us