CVE-2018-19638 is a vulnerability in OpenSuse Supportutils
Published on March 5, 2019
User can overwrite arbitrary log files in support tar
In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files.
Weakness Type
Insecure Temporary File
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
Products Associated with CVE-2018-19638
Want to know whenever a new CVE is published for OpenSuse Supportutils? stack.watch will email you.
Affected Versions
SUSE supportutils:- Version unspecified and below 3.1-5.7.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.