Vulnerability Details CVE-2018-20106
In yast2-printer up to and including version 4.0.2, the SMB printer settings don't properly escape characters in passwords. If a password containing backticks or similar characters is supplied, this allows code execution as root. Exploitation requires tricking root into entering such a password in YaST.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 9.3
Products affected by CVE-2018-20106
- cpe:2.3:a:opensuse:yast2-printer:3.1.2
- cpe:2.3:a:opensuse:yast2-printer:3.1.3
- cpe:2.3:a:opensuse:yast2-printer:3.1.4
- cpe:2.3:a:opensuse:yast2-printer:3.1.5
- cpe:2.3:a:opensuse:yast2-printer:3.1.6
- cpe:2.3:a:opensuse:yast2-printer:3.2.0
- cpe:2.3:a:opensuse:yast2-printer:4.0.0
- cpe:2.3:a:opensuse:yast2-printer:4.0.1
- cpe:2.3:a:opensuse:yast2-printer:4.0.2