Vulnerability Details CVE-2022-48258
In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.7%
CVSS Severity
CVSS v3 Score 5.3
References
- http://www.openwall.com/lists/oss-security/2023/02/16/1
- https://github.com/MisterTea/EternalTerminal/issues/555
- https://github.com/MisterTea/EternalTerminal/pull/556
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYODHZECXYFC2BNODZPZXZAXOKGMCYAP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6MO4FSKYNSAJVUXYP7LRY7ARUIGKBFL/
- http://www.openwall.com/lists/oss-security/2023/02/16/1
- https://github.com/MisterTea/EternalTerminal/issues/555
- https://github.com/MisterTea/EternalTerminal/pull/556
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYODHZECXYFC2BNODZPZXZAXOKGMCYAP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6MO4FSKYNSAJVUXYP7LRY7ARUIGKBFL/
Products affected by CVE-2022-48258
-
cpe:2.3:a:eternal_terminal_project:eternal_terminal:6.2.1