CVE-2018-19637 is a vulnerability in OpenSuse Supportutils
Published on March 5, 2019
Static temporary filename allows overwriting of files
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems without symlink protection
Weakness Type
Insecure Temporary File
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
Products Associated with CVE-2018-19637
Want to know whenever a new CVE is published for OpenSuse Supportutils? stack.watch will email you.
Affected Versions
SUSE supportutils:- Version unspecified and below 3.1-5.7.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.